Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
☆51Oct 4, 2023Updated 2 years ago
Alternatives and similar repositories for Get-InjectedThreadEx
Users that are interested in Get-InjectedThreadEx are comparing it to the libraries listed below
Sorting:
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- ☆26Mar 6, 2025Updated 11 months ago
- ☆39Sep 25, 2023Updated 2 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- ☆22Mar 4, 2025Updated 11 months ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Jun 24, 2021Updated 4 years ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- Dump Teams conversations☆18Jun 9, 2021Updated 4 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- ☆126Jun 28, 2023Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- ☆33Apr 7, 2020Updated 5 years ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Remove API hooks from a Beacon process.☆76Mar 13, 2022Updated 3 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆90Oct 13, 2024Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆133May 17, 2023Updated 2 years ago
- Specialized tool to dump Position Independent Code.☆22Aug 4, 2020Updated 5 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated 3 weeks ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- An example reference design for a proposed BOF PE☆197Jan 23, 2026Updated last month
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆28Jun 14, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- ☆24Jun 13, 2022Updated 3 years ago
- ☆209Mar 22, 2021Updated 4 years ago
- C# .NET Assembly for interacting with File Object DACLs☆45Apr 3, 2020Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆29Sep 28, 2023Updated 2 years ago
- ☆109Feb 17, 2025Updated last year
- ☆13Feb 25, 2023Updated 3 years ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- P2P Communications of Named Pipes☆12Dec 11, 2025Updated 2 months ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 2 months ago
- A tool to sync mythic events with ghostwriter oplog.☆14Nov 21, 2024Updated last year