Create MSIs using PowerShell.
☆275Nov 1, 2025Updated 4 months ago
Alternatives and similar repositories for psmsi
Users that are interested in psmsi are comparing it to the libraries listed below
Sorting:
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- ☆164Dec 30, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago
- Windows Detour Hooking in PowerShell☆83Dec 23, 2025Updated 2 months ago
- Patch AMSI and ETW☆249May 8, 2024Updated last year
- C# Tool to interact with MS Exchange based on MS docs☆102Dec 7, 2022Updated 3 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Dump NTDS with golden certificates and UnPAC the hash☆647Mar 20, 2024Updated last year
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆136Dec 20, 2022Updated 3 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- Beacon Object Files for roasting Active Directory☆235Feb 21, 2022Updated 4 years ago
- Coerce Windows machines auth via MS-EVEN☆172Jan 17, 2024Updated 2 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Recovering NTLM hashes from Credential Guard☆377Dec 26, 2022Updated 3 years ago
- A standalone DLL that exports databases in cleartext once injected in the KeePass process.☆300Mar 1, 2023Updated 3 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆86Nov 8, 2023Updated 2 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆186Feb 12, 2023Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆187Jun 22, 2022Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- ☆199Aug 28, 2025Updated 6 months ago
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆412Mar 21, 2025Updated 11 months ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Python library with CLI allowing to remotely dump domain user credentials via an ADCS without dumping the LSASS process memory☆398Aug 15, 2025Updated 6 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆517Feb 1, 2024Updated 2 years ago
- A shellcode function to encrypt a running process image when sleeping.☆340Sep 11, 2021Updated 4 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- ☆414Nov 18, 2022Updated 3 years ago
- Scraping Kit is made up of several tools for scraping services for keywords, useful for initial enumeration of Domain Controllers or if y…☆99Jul 7, 2023Updated 2 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆35Feb 2, 2026Updated last month
- Dump the memory of any PPL with a Userland exploit chain☆352Mar 17, 2023Updated 2 years ago