itm4n/Perfusion external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

itm4n/Perfusion

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/itm4n/Perfusion)

Close

itm4n / PerfusionView on GitHubMore

• External links
• Readme badge

Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)

☆426Apr 22, 2021Updated 4 years ago

Alternatives and similar repositories for Perfusion

Users that are interested in Perfusion are comparing it to the libraries listed below

• deepinstinct / LsassSilentProcessExit

  View on GitHub
  Command line interface to dump LSASS memory to disk via SilentProcessExit
  ☆454Dec 23, 2020Updated 5 years ago
• antonioCoco / RemotePotato0

  View on GitHub
  Windows Privilege Escalation from User to Domain Admin.
  ☆1,452Dec 18, 2022Updated 3 years ago
• itm4n / PPLdump

  View on GitHub
  Dump the memory of a PPL with a userland exploit
  ☆887Jul 24, 2022Updated 3 years ago
• JamesCooteUK / SharpSphere

  View on GitHub
  .NET Project for Attacking vCenter
  ☆553Nov 11, 2021Updated 4 years ago
• rvrsh3ll / SharpSMBSpray

  View on GitHub
  Spray a hash via smb to check for local administrator access
  ☆142Feb 7, 2021Updated 5 years ago
• nccgroup / nccfsas

  View on GitHub
  Information released publicly by NCC Group's Full Spectrum Attack Simulation (FSAS) team.
  ☆608Aug 5, 2022Updated 3 years ago
• asaurusrex / Probatorum-EDR-Userland-Hook-Checker

  View on GitHub
  Project to check which Nt/Zw functions your local EDR is hooking
  ☆200Mar 21, 2021Updated 5 years ago
• klezVirus / CheeseTools

  View on GitHub
  Self-developed tools for Lateral Movement/Code Execution
  ☆719Aug 17, 2021Updated 4 years ago
• G0ldenGunSec / SharpSecDump

  View on GitHub
  .Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py
  ☆617Feb 16, 2023Updated 3 years ago
• xforcered / StandIn

  View on GitHub
  StandIn is a small .NET35/45 AD post-exploitation toolkit
  ☆257Dec 2, 2021Updated 4 years ago
• S3cur3Th1sSh1t / SharpNamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆310Nov 29, 2023Updated 2 years ago
• S3cur3Th1sSh1t / MultiPotato

  View on GitHub
  ☆538Nov 20, 2021Updated 4 years ago
• jfmaes / SharpHandler

  View on GitHub
  ☆185Jan 5, 2021Updated 5 years ago
• S3cur3Th1sSh1t / NamedPipePTH

  View on GitHub
  Pass the Hash to a named pipe for token Impersonation
  ☆145May 1, 2021Updated 4 years ago
• med0x2e / ExecuteAssembly

  View on GitHub
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆595Jul 26, 2021Updated 4 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆220May 3, 2023Updated 2 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 2 years ago
• mitchmoser / SharpShares

  View on GitHub
  Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
  ☆376Sep 20, 2025Updated 6 months ago
• Kevin-Robertson / Sharpmad

  View on GitHub
  C# version of Powermad
  ☆169Dec 5, 2023Updated 2 years ago
• ReversecLabs / physmem2profit

  View on GitHub
  Physmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
  ☆424Jul 27, 2022Updated 3 years ago
• RedSiege / CIMplant

  View on GitHub
  C# port of WMImplant which uses either CIM or WMI to query remote systems
  ☆203Jul 14, 2021Updated 4 years ago
• pkb1s / SharpRelay

  View on GitHub
  ☆181Feb 3, 2021Updated 5 years ago
• mgeeky / SharpWebServer

  View on GitHub
  Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
  ☆287Jun 26, 2023Updated 2 years ago
• RedCursorSecurityConsulting / PPLKiller

  View on GitHub
  Tool to bypass LSA Protection (aka Protected Process Light)
  ☆989Dec 4, 2022Updated 3 years ago
• jfmaes / SharpZipRunner

  View on GitHub
  Executes position independent shellcode from an encrypted zip
  ☆304Dec 22, 2020Updated 5 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆99Sep 20, 2021Updated 4 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• itm4n / UsoDllLoader

  View on GitHub
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆404Jun 6, 2020Updated 5 years ago
• Mr-Un1k0d3r / SCShell

  View on GitHub
  Fileless lateral movement tool that relies on ChangeServiceConfigA to run command
  ☆1,608Jul 10, 2023Updated 2 years ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆469Mar 8, 2023Updated 3 years ago
• xuanxuan0 / DripLoader

  View on GitHub
  Evasive shellcode loader for bypassing event-based injection detection (PoC)
  ☆824Aug 23, 2021Updated 4 years ago
• zcgonvh / EfsPotato

  View on GitHub
  Exploit for EfsPotato(MS-EFSR EfsRpcOpenFileRaw with SeImpersonatePrivilege local privalege escalation vulnerability).
  ☆819Dec 14, 2023Updated 2 years ago
• rxwx / spoolsystem

  View on GitHub
  Print Spooler Named Pipe Impersonation for Cobalt Strike
  ☆272Jun 13, 2020Updated 5 years ago
• TheWover / CertStealer

  View on GitHub
  A .NET tool for exporting and importing certificates without touching disk.
  ☆502Oct 8, 2021Updated 4 years ago
• EncodeGroup / AggressiveProxy

  View on GitHub
  Project to enumerate proxy configurations and generate shellcode from CobaltStrike
  ☆140Nov 4, 2020Updated 5 years ago
• guervild / BOFs

  View on GitHub
  Cobalt Strike Beacon Object Files
  ☆167May 2, 2022Updated 3 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 3 years ago
• GhostPack / RestrictedAdmin

  View on GitHub
  Remotely enables Restricted Admin Mode
  ☆215Sep 3, 2021Updated 4 years ago
• klezVirus / CandyPotato

  View on GitHub
  Pure C++, weaponized, fully automated implementation of RottenPotatoNG
  ☆314Sep 16, 2021Updated 4 years ago