sideloading PoC using onedrive.exe & version.dll
☆92, Oct 30, 2025, updated 4 months ago
Alternatives and similar repositories for version.dll-sideloading
Users that are interested in version.dll-sideloading are comparing it to the libraries listed below
- A portable C# utility for enumerating local and remote Windows sessions (☆56, Jan 1, 2026, updated 2 months ago)
- Modified version of PEAS client for offensive operations (☆50, Nov 1, 2025, updated 4 months ago)
- Prevent in-process process termination by patching exit APIs (☆63, Nov 9, 2025, updated 3 months ago)
- Title is self explaining, well there's few methods we can do to read locked file and play with it... (☆96, Jan 5, 2026, updated 2 months ago)
- CVE-2025-64155: Fortinet FortiSIEM Argument Injection to Remote Code Execution (☆31, Jan 13, 2026, updated last month)
- (☆20, Sep 6, 2025, updated 6 months ago)
- Evasion kit for Cobalt Strike (☆30, Jan 16, 2026, updated last month)
- Automated DLL Hijacking Detection Tool with Zero False Positives — Discovers, filters, and canary-confirms exploitable DLL hijacks on Win… (☆135, updated this week)
- (☆12, Oct 9, 2020, updated 5 years ago)
- Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing. (☆237, Feb 20, 2026, updated 2 weeks ago)
- (☆55, May 31, 2025, updated 9 months ago)
- Python based tool for generating Shellcode from PIC C (☆43, Nov 6, 2025, updated 4 months ago)
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover (☆86, Oct 20, 2025, updated 4 months ago)
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT. (☆131, Dec 8, 2025, updated 2 months ago)
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling. (☆51, Oct 19, 2025, updated 4 months ago)
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio… (☆168, Feb 26, 2026, updated last week)
- (☆73, Feb 12, 2026, updated 3 weeks ago)
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy. (☆42, Oct 30, 2022, updated 3 years ago)
- Folder Or File Delete to Get System Shell on Current Session Desktop (☆47, Jan 14, 2025, updated last year)
- A small crappy script I wrote that converts the Sigma Windows Process Creation events to KQL via PySigma. Designed for CI/CD (☆10, Nov 7, 2023, updated 2 years ago)
- poc for cve-2025-53772 (☆46, Dec 10, 2025, updated 2 months ago)
- DFSCoerce exe revisited version with custom authentication (☆42, Jan 13, 2024, updated 2 years ago)
- Reflective shellcode loader with advanced call stack spoofing and .NET support. (☆227, Sep 19, 2025, updated 5 months ago)
- (☆61, Oct 24, 2025, updated 4 months ago)
- Execute commands, in/exfiltrate files using your custom RPC Server (☆65, Jan 13, 2026, updated last month)
- Interactive PowerShell framework for testing WMI, COM, LOLBAS, and persistence techniques (☆95, Dec 28, 2025, updated 2 months ago)
- Tamper Active Directory user attributes to collect their hashes with MS-SNTP (☆64, Jan 21, 2025, updated last year)
- A method of bypassing EDR's active projection DLL's by preventing entry point execution (☆24, May 10, 2021, updated 4 years ago)
- COM-based DLL Surrogate Injection (☆142, Dec 9, 2025, updated 2 months ago)
- wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS). (☆30, Jan 22, 2026, updated last month)
- The instant digital "Do Not Touch" sign for your Mac. Stop fingerprints and protect your expensive display with one keystroke. (☆29, Jan 13, 2026, updated last month)
- WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user. (☆13, Oct 24, 2022, updated 3 years ago)
- (☆26, Dec 29, 2021, updated 4 years ago)
- Fairy Law - Compromise or disable EDR security solutions (☆68, Dec 1, 2025, updated 3 months ago)
- Dump LSASS via physical memory read primitives in vulnerable kernel drivers (☆275, Feb 2, 2026, updated last month)
- (☆31, May 16, 2024, updated last year)
- Static Encrypt is a crate that encrypts string literals at compile time and only decrypts them at runtime when needed. (☆57, Jan 17, 2026, updated last month)
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S… (☆116, Dec 21, 2025, updated 2 months ago)
- New 0 day vulnerability allowing to leak NTLM hashes from browsers with one click (☆208, Nov 18, 2025, updated 3 months ago)