kargisimos / detenv
A small and portable Windows C library for sandbox detection
☆34 Updated last year
Alternatives and similar repositories for detenv
Users that are interested in detenv are comparing it to the libraries listed below
- ☆48 Updated 2 years ago
- in-process powershell runner for BRC4 ☆45 Updated last year
- Duplicate not owned Token from Running Process ☆72 Updated last year
- ☆82 Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆54 Updated 2 years ago
- a variety of tools, scripts and techniques developed and shared with different programming languages by 0xsp Lab ☆63 Updated 5 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆51 Updated last year
- ☆55 Updated 7 months ago
- Winsocket for Cobalt Strike. ☆98 Updated last year
- Remotely dump NT hashes through Windows Crash dumps ☆27 Updated 7 months ago
- ☆36 Updated 6 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆41 Updated last year
- ☆67 Updated last year
- SAM Dumping in C# ☆48 Updated 4 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆24 Updated 8 months ago
- Section-based payload obfuscation technique for x64 ☆59 Updated 9 months ago
- Create Anti-Copy DRM Malware ☆57 Updated 9 months ago
- Basic implementation of Cobalt Strike's User Defined Reflective Loader feature ☆100 Updated 2 years ago
- To audit the security of read-only domain controllers ☆117 Updated last year
- RCE PoC for Empire C2 framework <5.9.3 ☆28 Updated last year
- A simple PoC of injecting shellcode into a remote process and getting the output using a named pipe ☆42 Updated last year
- ProcExp Driver (Ab)use ☆22 Updated 2 years ago
- ☆79 Updated last year
- Tool to start processes as SYSTEM using token duplication ☆38 Updated 4 years ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆32 Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#. ☆31 Updated last year
- I have documented all of the AMSI patches that I learned till now ☆72 Updated 2 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats. ☆47 Updated last year
- ☆71 Updated last year
- ☆21 Updated 11 months ago