jborean93 / AmsiProviderLinks
Test AMSI Provider implementation in C#
☆42Updated 10 months ago
Alternatives and similar repositories for AmsiProvider
Users that are interested in AmsiProvider are comparing it to the libraries listed below
Sorting:
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆51Updated 5 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆81Updated 3 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Updated 8 months ago
- SCEP request tool for AD CS and Intune☆69Updated this week
- Parse SDDL strings☆36Updated last year
- TokenCert☆100Updated 11 months ago
- A simple tool to identify WDS servers in Active Directory☆31Updated 2 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- Sniffing files generator☆59Updated 8 months ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆23Updated last year
- ☆49Updated 3 months ago
- RPC to WebClient startup☆52Updated 2 months ago
- Validates priv escalation of AD trusts☆47Updated 6 months ago
- Extract registry and NTDS secrets from local or remote disk images☆43Updated 7 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 6 months ago
- ☆51Updated 11 months ago
- ☆34Updated 8 months ago
- Impersonate Tokens using only NTAPI functions☆80Updated 6 months ago
- ☆63Updated last year
- ☆65Updated last year
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆35Updated 4 months ago
- Click Once + App Domain☆64Updated last year
- ☆57Updated 8 months ago
- Neo4LDAP is a query and visualization tool focused on Active Directory environments. It combines LDAP syntax with graph-based data analys…☆86Updated last month
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- PoC script to demonstrate collection of SCCM attack paths that can be viewed in BH with OpenGraph☆24Updated 2 months ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆19Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆37Updated 6 months ago
- ☆43Updated 8 months ago
- ☆41Updated last year