PoC: process watcher patterns to make killing a process hard.
☆11Aug 1, 2018Updated 7 years ago
Alternatives and similar repositories for DieHard
Users that are interested in DieHard are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- PoC of a protected process causing a blue screen if killed.☆15Jul 31, 2018Updated 7 years ago
- An example in C# for programmatically calling UAC to escalate to admin☆14Aug 13, 2018Updated 7 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Jul 31, 2018Updated 7 years ago
- Trojan downloader simple virus☆16Sep 30, 2018Updated 7 years ago
- C# Implementation of Get-VaultCredential☆14Jul 31, 2018Updated 7 years ago
- An example pattern in C# for watching security events (logon/logoff/privilege)☆17Aug 13, 2018Updated 7 years ago
- A malicious KeePass plugin to exfiltrate the master key.☆15Oct 25, 2021Updated 4 years ago
- ☆16Apr 17, 2021Updated 4 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆21May 17, 2023Updated 2 years ago
- Techniques that i have used to evade anti-virus during pen tests.☆13May 29, 2018Updated 7 years ago
- �☆67Dec 19, 2018Updated 7 years ago
- Bypass AMSI and Executing PowerShell scripts from C# - using CyberArk's method to bypass AMSI☆31Feb 22, 2020Updated 6 years ago
- .NET applications hacking toolset☆18Jan 12, 2021Updated 5 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆29Sep 17, 2019Updated 6 years ago
- PowerShell script to bypass UAC using DCCW☆19Jul 29, 2017Updated 8 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 4 years ago
- A pattern for a self-installing Windows service in C# with the unstoppable attributes in C#.☆67Jan 19, 2019Updated 7 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Aug 26, 2021Updated 4 years ago
- A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge☆164Jul 25, 2018Updated 7 years ago
- ☆22Mar 5, 2018Updated 8 years ago
- Powershell script which will take any payload and put it in the a bat script which delivers the payload. The payload is delivered using e…☆57Apr 13, 2024Updated last year
- A pattern for client/server communication via Named Pipes via C#☆98Aug 8, 2018Updated 7 years ago
- Download payload to disk and install it to startup then melt.☆35Apr 9, 2019Updated 6 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆46Mar 1, 2021Updated 5 years ago
- ☆29May 10, 2024Updated last year
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- Kill AMSI in a remote process PoC☆10Aug 18, 2018Updated 7 years ago
- Apfell C2 Server for the Google Chrome Extension Payload☆12Aug 12, 2020Updated 5 years ago
- Example managed and unmanaged plugins for CoreHook☆14Mar 3, 2019Updated 7 years ago
- Setting up macOS the fast-way. Docs available at https://i3p9.github.io/mac-setup/☆12Oct 15, 2023Updated 2 years ago
- Group 4 - C# Remote Administrator Tool☆11Feb 18, 2025Updated last year
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- cobalt strike stuff I have gathered from around github☆31May 5, 2017Updated 8 years ago
- Cobalt Strike Aggressor script menu for Powerview/SharpView☆28May 8, 2019Updated 6 years ago
- An example of using Dynamic Invoke to Inject Shellcode using the Early Bird Method.☆15Dec 14, 2023Updated 2 years ago
- ☆16Dec 31, 2016Updated 9 years ago