icyguider / PowerChunker
Bypass AMSI via PowerShell by splitting a file into multiple chunks
☆49Updated 3 years ago
Related projects: ⓘ
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Scripts for public use that we've randomly written, or have updated from other people's work.☆38Updated 2 months ago
- OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.☆90Updated 2 years ago
- Automating payload generation for OSEP labs and exam.☆34Updated 2 years ago
- .NET project for installing Persistence☆64Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆50Updated 4 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆84Updated last year
- ☆69Updated 10 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- ☆135Updated 2 years ago
- Add SD for controlled computer object to a target object for RBCD using LDAP☆38Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- PowerSploit - A PowerShell Post-Exploitation Framework☆41Updated last year
- ☆51Updated 3 years ago
- Golng version of SharpDump that can be used to extract LSASS or any other proces. Provides token elevation prior to creating dump of high…☆20Updated 3 years ago
- cobalt strike tools☆31Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- Get Fine Grained Password Policy☆62Updated 4 months ago
- IOXIDResolver from AirBus Security/PingCastle☆45Updated 3 years ago
- ☆18Updated last year
- C# havoc implant☆90Updated last year
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆94Updated 2 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆64Updated 2 months ago
- My BloodHound custom queries☆22Updated last year
- Federated Office365 user enumeration based on correlated response trend analysis☆47Updated 2 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆87Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆55Updated 5 months ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆81Updated 2 years ago