Disable PPL via custom driver and dump lsass
☆15Mar 13, 2021Updated 4 years ago
Alternatives and similar repositories for DisablePPLDriverPoc
Users that are interested in DisablePPLDriverPoc are comparing it to the libraries listed below
Sorting:
- ☆12Aug 10, 2019Updated 6 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- Secretly record audio and video with chromium based browsers.☆23Feb 14, 2024Updated 2 years ago
- ☆23May 28, 2021Updated 4 years ago
- Exactly what it sounds like, which is something rad☆22Oct 12, 2022Updated 3 years ago
- leaking net-ntlm with webdav☆26Feb 23, 2021Updated 5 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- PoC for hiding PE exports☆67Dec 19, 2020Updated 5 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Oct 29, 2021Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- A C# SSH client☆74Jan 29, 2024Updated 2 years ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- A tool to reverse engineer and inspect the RPM and APT databases to list all the packages along with executables, service, versions and C…☆17Feb 20, 2026Updated last week
- ☆21Jan 8, 2026Updated last month
- Python3 script to generate a macro to launch a Mythic payload. Author: Cedric Owens☆48Apr 15, 2021Updated 4 years ago
- Display Languages Volatile Environment LPE☆12Jun 28, 2025Updated 8 months ago
- PoC code for CVE-2020-16939 Windows Group Policy DACL Overwrite Privilege Escalation☆12Oct 27, 2020Updated 5 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- Utilities for decrypting and hashing SolarWinds Orion credentials☆14Oct 25, 2018Updated 7 years ago
- ☆15Jan 26, 2023Updated 3 years ago
- ☆14Nov 29, 2021Updated 4 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree.☆14Jan 28, 2022Updated 4 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- A collection of scripts used to support an OffSecOps pipeline.☆15Jan 31, 2021Updated 5 years ago
- ☆19Dec 18, 2024Updated last year
- ☆16Jul 3, 2024Updated last year
- Detect and extract hidden files☆22Aug 29, 2024Updated last year
- Designed to learn OS specific anti-emulation patterns by fuzzing the Windows API.☆99Jul 7, 2020Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- Antivirus Emulator Fingerprints☆30Oct 12, 2018Updated 7 years ago
- RunPE using Hell's Gate technique.☆32Dec 4, 2020Updated 5 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Jun 12, 2020Updated 5 years ago
- ☆15May 26, 2021Updated 4 years ago
- Example of async client/server sockets in .NET 5☆17Jun 9, 2021Updated 4 years ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 5 years ago
- Windows 7/2008 R2 EoP☆13Feb 12, 2021Updated 5 years ago
- A BOF.NET program to split a file into smaller chunks and email it via a specified SMTP relay.☆15Jun 24, 2021Updated 4 years ago
- JXA script for Mythic that prints the TCC.db☆15Apr 18, 2021Updated 4 years ago