Shim database persistence (Fin7 TTP)
☆37 · Feb 25, 2020 · Updated 6 years ago
Alternatives and similar repositories for ShimDB
Users that are interested in ShimDB are comparing it to the libraries listed below
- Ps1jacker is a tool for generating COM Hijacking payload. ☆60 · Feb 11, 2025 · Updated last year
- Windows x64 Process Scanner to detect application compatibility shims ☆37 · Oct 17, 2018 · Updated 7 years ago
- Windows (ShadowMove) Socket Duplication ☆87 · Apr 19, 2020 · Updated 5 years ago
- IDA Pro plugin that renames functions on load, based on functionality ☆19 · Mar 9, 2018 · Updated 7 years ago
- Methods of C2 ☆22 · Jul 15, 2015 · Updated 10 years ago
- C# alternative to the Linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly ☆15 · Jul 15, 2021 · Updated 4 years ago
- Registry Miner ☆14 · Apr 10, 2018 · Updated 7 years ago
- Get USB Devices from Registry hives ☆22 · Nov 15, 2021 · Updated 4 years ago
- Generate bulk YARA rules from YAML input ☆22 · Feb 3, 2020 · Updated 6 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook ☆12 · May 30, 2024 · Updated last year
- Template for asynchronously controlling meterpreter sessions ☆13 · Jun 19, 2018 · Updated 7 years ago
- Run commands over RDP on massive number of hosts ☆11 · Nov 26, 2018 · Updated 7 years ago
- An updated C# port of X-Ways X-Tensions API. ☆11 · Mar 12, 2018 · Updated 7 years ago
- Server for receiving autorun data from the clients ☆13 · Sep 26, 2017 · Updated 8 years ago
- Exploitation Script for CVE-2020-0688 "Microsoft Exchange default MachineKeySection deserialize vulnerability" ☆11 · Apr 1, 2020 · Updated 5 years ago
- A malicious KeePass plugin to exfiltrate the master key. ☆15 · Oct 25, 2021 · Updated 4 years ago
- Python script to automatically create Sigma rules from TheHive observables ☆25 · Mar 17, 2019 · Updated 6 years ago
- Tool to view and create Microsoft shim database files (SDB). ☆119 · May 11, 2017 · Updated 8 years ago
- The project is called GreatSCT (Great Scott). GreatSCT is an open source project to generate application white list bypasses. This tool i… ☆29 · May 5, 2018 · Updated 7 years ago
- Duo MFA auditing tool to test users' likelihood of approving unexpected push notifications ☆13 · Apr 20, 2018 · Updated 7 years ago
- A tool that can help detect and takeover subdomains with dead DNS records ☆12 · Aug 23, 2018 · Updated 7 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original… ☆97 · Sep 26, 2019 · Updated 6 years ago
- Run PowerShell remotely from the CLI ☆11 · May 1, 2016 · Updated 9 years ago
- Example of a serverless web reconnaissance workflow's AWS architecture. ☆11 · Feb 25, 2023 · Updated 3 years ago
- Ready-to-use headers for Windows Kernel SSDT indices ☆11 · Apr 12, 2020 · Updated 5 years ago
- Pure Python parser for Application Compatibility Shim Databases (.sdb files) ☆110 · Jan 26, 2021 · Updated 5 years ago
- PurpleSpray is an adversary simulation tool that executes password spray behavior under different scenarios and conditions with the purpo… ☆51 · Aug 15, 2019 · Updated 6 years ago
- Python script which will type a file into an RDP session. For when drag and drop and disk mounting is not possible ☆33 · May 3, 2024 · Updated last year
- A Canary which fires when uninstalled ☆34 · Mar 16, 2021 · Updated 4 years ago
- Communicate with a remote shell easily ☆12 · Dec 10, 2017 · Updated 8 years ago
- Registry to JSON. This Project is for learning purposes and is not maintained. ☆12 · Dec 28, 2021 · Updated 4 years ago
- Scripts that I've written that others may find useful ☆14 · Aug 17, 2022 · Updated 3 years ago
- ReviveIT (revit) is a proof of concept file recovery tool (carver) ☆13 · Dec 3, 2020 · Updated 5 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S… ☆13 · May 20, 2023 · Updated 2 years ago