An example pattern in C# for using WMI to monitor process creation and termination events.
☆53Aug 13, 2018Updated 7 years ago
Alternatives and similar repositories for WMIProcessWatcher
Users that are interested in WMIProcessWatcher are comparing it to the libraries listed below
Sorting:
- An example pattern in C# for watching security events (logon/logoff/privilege)☆17Aug 13, 2018Updated 7 years ago
- An example in C# for programmatically calling UAC to escalate to admin☆14Aug 13, 2018Updated 7 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Convert VBS file to EXE☆17May 17, 2025Updated 10 months ago
- init☆14Mar 16, 2020Updated 6 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- External C2 Using IE COM Objects☆100Feb 24, 2019Updated 7 years ago
- 《面向脚本驱动的软件开发》示例代码☆18Jan 12, 2019Updated 7 years ago
- .NET project for writing files to local or remote hosts☆43Jan 27, 2020Updated 6 years ago
- ☆30Nov 7, 2022Updated 3 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- A Microsoft Windows service to provide telemetry on Windows executable memory page changes to facilitate threat detection☆32Oct 7, 2020Updated 5 years ago
- vmware-backdoor☆33Jul 11, 2021Updated 4 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- A collection of my presentation materials.☆17Apr 29, 2024Updated last year
- Managed wrappers around the Windows API and some Native API☆35Jun 15, 2018Updated 7 years ago
- A pattern for client/server communication via Named Pipes via C#☆98Aug 8, 2018Updated 7 years ago
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- WMI Event Subscription Persistence in C#☆112May 29, 2019Updated 6 years ago
- A POC C2 server and agent to explore just if/how the Ethereum blockchain can be used for C2☆77Apr 5, 2019Updated 6 years ago
- ☆60Dec 20, 2023Updated 2 years ago
- vmp3.2授权分析☆30Oct 29, 2018Updated 7 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- A more stealthy variant of "DLL hollowing"☆363Mar 8, 2024Updated 2 years ago
- A POC for Windows Extension Host hooking☆24Jul 13, 2019Updated 6 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆149Feb 15, 2020Updated 6 years ago
- WinXPSP2.Cermalus on stereoids, supporting all 32 bits Windows version. Windows Kernel Virus stuff for noobs☆18Aug 11, 2023Updated 2 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆36Dec 9, 2019Updated 6 years ago
- .NET tool for enumeration processes and dumping memory.☆57Apr 4, 2019Updated 6 years ago
- A c++, QT gui based memory engine☆13Mar 6, 2018Updated 8 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- ☆37Dec 27, 2021Updated 4 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Jul 31, 2018Updated 7 years ago
- Hijack Printconfig.dll to execute shellcode☆101Jan 15, 2021Updated 5 years ago
- This repository contains some details about abusing outlook.☆27Aug 17, 2018Updated 7 years ago
- SkyRAT - Powershell Remote Administration Tool☆34Jan 8, 2018Updated 8 years ago
- History and analysis of Windows desktop images☆19Jan 28, 2021Updated 5 years ago
- ACTIVELabs Security Advisories☆24May 19, 2021Updated 4 years ago