jdu2600 / Get-InjectedThreadEx
Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2
☆27, updated last year
Related projects
Alternatives and complementary repositories for Get-InjectedThreadEx
- Piece of code to detect and remove hooks in IAT (☆58, updated 2 years ago)
- Nim process hollowing loader (☆47, updated 3 months ago)
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE (☆37, updated 10 months ago)
- Python module for running BOFs (☆64, updated last year)
- Small tool to play with IOCs caused by Imageload events (☆37, updated last year)
- Collect Windows telemetry for Maldev (☆36, updated this week)
- Attack chain emulator. Write recipes for initial access easily (☆20, updated last year)
- Repo containing my public talks (☆22, updated last year)
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless (☆39, updated 3 months ago)
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich (☆13, updated 4 months ago)
- RDLL for Cobalt Strike beacon to silence sysmon process (☆85, updated 2 years ago)
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution (☆37, updated 3 months ago)
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies (☆32, updated 2 years ago)
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code (☆39, updated last month)
- This repo hosts a PoC of how to execute F# code within an unmanaged process (☆65, updated 4 months ago)
- quASAR: ASAR manipulation made easy (☆24, updated 2 years ago)
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks) (☆53, updated 2 years ago)
- Self Delete DLL (☆23, updated 8 months ago)
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like (☆32, updated 2 years ago)
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus functions and strings obfuscation (☆29, updated 2 years ago)
- Repository of Microsoft Driver Block Lists based off of OS builds (☆38, updated 6 months ago)
- Research into removing strings & API call references at compile-time (Anti-Analysis) (☆24, updated 5 months ago)
- RunPE adapted for x64 and written in C, does not use RWX (☆24, updated 5 months ago)
- A Bumblebee-inspired Crypter (☆80, updated last year)