houseofint3 / windows-ps-callbacks-experiments
Files for http://blog.deniable.org/posts/windows-callbacks/
☆12Updated 2 years ago
Alternatives and similar repositories for windows-ps-callbacks-experiments:
Users that are interested in windows-ps-callbacks-experiments are comparing it to the libraries listed below
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆26Updated 2 months ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆20Updated last year
- ☆43Updated last year
- Example of using Sleep to create better named pipes.☆41Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆22Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated this week
- idk man this was the default github name☆35Updated 2 years ago
- Self Delete DLL☆23Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- ☆20Updated 10 months ago
- Beacon Object Files (not Buffer Overflows)☆54Updated 2 years ago
- ☆36Updated 10 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- ☆29Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆28Updated 9 months ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Updated last year
- BOF for C2 framework☆41Updated 5 months ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- ☆25Updated 3 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Updated 3 years ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 2 months ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆25Updated 8 months ago
- RunPE adapted for x64 and written in C, does not use RWX☆25Updated 11 months ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆18Updated 2 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Updated last year
- miscellaneous codes☆35Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆34Updated 7 months ago
- use python on windows with full submodule support without installation☆27Updated 3 months ago