Windows Persistence Toolkit in C#
☆36Sep 23, 2022Updated 3 years ago
Alternatives and similar repositories for SharPersist
Users that are interested in SharPersist are comparing it to the libraries listed below
Sorting:
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆11Mar 22, 2021Updated 4 years ago
- Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container☆27Oct 24, 2021Updated 4 years ago
- ☆14Sep 26, 2023Updated 2 years ago
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆25May 23, 2022Updated 3 years ago
- ☆161Mar 27, 2023Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- ☆29May 10, 2024Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆64Dec 26, 2024Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis☆12Oct 1, 2022Updated 3 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- A payload delivery system which embeds payloads in an executable's icon file!☆73Jan 26, 2024Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 3 months ago
- This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret …☆263Apr 29, 2023Updated 2 years ago
- Collection of extracted Microsoft Defender data for security research purposes☆234Jun 23, 2022Updated 3 years ago
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- A Bumblebee-inspired Crypter☆80Dec 5, 2022Updated 3 years ago
- More examples using the Impacket library designed for learning purposes.☆264Nov 4, 2022Updated 3 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- .NET/PowerShell/VBA Offensive Security Obfuscator☆517Feb 1, 2024Updated 2 years ago
- WNF Code Execution Library Using C#☆110May 18, 2020Updated 5 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- Python tool for kidnapping Chrome cookies from a MacOS target☆22Oct 5, 2022Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 3 years ago
- Remote operations commands implemented using Beacon Object Files☆1,120Feb 23, 2026Updated 2 weeks ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Aug 2, 2023Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆55Oct 19, 2023Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 3 years ago
- Small POC for process ghosting☆40Feb 1, 2022Updated 4 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆24Sep 19, 2022Updated 3 years ago
- ☆27May 1, 2023Updated 2 years ago
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Overwrite a process's recovery callback and execute with WER☆102Apr 17, 2022Updated 3 years ago
- ☆38Apr 7, 2023Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques☆953Feb 2, 2026Updated last month