☆39Jul 29, 2021Updated 4 years ago
Alternatives and similar repositories for scarecrow_wrapper
Users that are interested in scarecrow_wrapper are comparing it to the libraries listed below
Sorting:
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Aug 4, 2021Updated 4 years ago
- Load .net assemblies from memory while having them appear to be loaded from an on-disk location.☆173May 5, 2021Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆228Jul 30, 2021Updated 4 years ago
- Extended Process List (Search functionality)☆29Jan 23, 2021Updated 5 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Nim version of MDSec's Parallel Syscall PoC☆123Jan 14, 2022Updated 4 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- ☆27Aug 8, 2021Updated 4 years ago
- ☆94May 14, 2022Updated 3 years ago
- Just a PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin)☆145Sep 4, 2021Updated 4 years ago
- ☆18Aug 19, 2021Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- NativePayload_CallBackTechniques C# Codes (Code Execution via Callback Functions Technique, without CreateThread Native API)☆118Jun 7, 2023Updated 2 years ago
- ☆185Jan 5, 2021Updated 5 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆346Sep 1, 2021Updated 4 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Continuous kerberoast monitor☆45Aug 24, 2023Updated 2 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- ☆133Dec 19, 2020Updated 5 years ago
- ☆415Apr 28, 2021Updated 4 years ago
- A Visual Studio Code Extension agent for Mythic C2☆71Nov 5, 2024Updated last year
- DLL hijacking vulnerability scanner and PE infector tool☆20Sep 8, 2017Updated 8 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆195Jul 9, 2021Updated 4 years ago
- ☆40May 21, 2022Updated 3 years ago
- pyForgeCert is a Python equivalent of the ForgeCert.☆69Aug 15, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Collection of VBA macro published in our twitter / blog☆158Sep 5, 2022Updated 3 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆107Mar 8, 2023Updated 2 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆95Jun 20, 2022Updated 3 years ago
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆148Sep 7, 2020Updated 5 years ago
- ☆13Dec 27, 2023Updated 2 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆125May 24, 2022Updated 3 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- x64 Registration-Free In-Process COM Automation Server.☆51Nov 28, 2022Updated 3 years ago