malcomvetter / WhoDisLinks
An example pattern in C# for watching security events (logon/logoff/privilege)
☆17Updated 6 years ago
Alternatives and similar repositories for WhoDis
Users that are interested in WhoDis are comparing it to the libraries listed below
Sorting:
- C# Implementation of Get-VaultCredential☆14Updated 7 years ago
- C# code to run PIC using CreateThread☆17Updated 6 years ago
- ☆42Updated 6 years ago
- ☆34Updated 7 years ago
- ☆33Updated 6 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Updated 7 years ago
- .NET tool for enumeration processes and dumping memory.☆57Updated 6 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Updated 5 years ago
- A C# DLL to Dump LSA Secrets☆58Updated 7 years ago
- Automate AV evasion by calling AMSI☆88Updated 2 years ago
- Code that can be used to create/steal/manipulate token contexts in a program. Can be implemented into other C# projects.☆12Updated 6 years ago
- ☆70Updated 6 years ago
- ☆26Updated 6 years ago
- ☆28Updated 7 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Updated 6 years ago
- Quick and dirty .net console app for querying mssql servers.☆20Updated 6 years ago
- ☆22Updated 7 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Updated 6 years ago
- few months old but better than nothing☆58Updated 3 years ago
- InsecurePowerShellHost is a .NET Core host process for InsecurePowerShell, a version of PowerShell Core v6.0.0 with key security features…☆32Updated 7 years ago
- Run Managed Assemblies with RunDll☆17Updated 7 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆36Updated 6 years ago
- Various C# projects for offensive security☆110Updated 5 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆42Updated 6 years ago
- Miscellaneous PowerShell scripts for red team activities☆16Updated 9 months ago
- Easily serve HTTP and DNS keys for proper payload protection☆59Updated 6 years ago
- Tool for injecting a "TCP Relay" managed assembly into an unmanaged process☆65Updated 6 years ago
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- ☆45Updated 7 years ago
- A pattern for a self-installing Windows service in C# with the unstoppable attributes in C#.☆66Updated 6 years ago