An example pattern in C# for watching security events (logon/logoff/privilege)
☆17Aug 13, 2018Updated 7 years ago
Alternatives and similar repositories for WhoDis
Users that are interested in WhoDis are comparing it to the libraries listed below
Sorting:
- An example in C# for programmatically calling UAC to escalate to admin☆14Aug 13, 2018Updated 7 years ago
- An example pattern in C# for using WMI to monitor process creation and termination events.☆53Aug 13, 2018Updated 7 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- PoC of a protected process causing a blue screen if killed.☆15Jul 31, 2018Updated 7 years ago
- Light-weight, cross-platform (NET Core 2.1) C# Asynchronous file server and text messaging platform. Utilizes custom extension methods wh…☆12Mar 28, 2019Updated 6 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- A pattern for client/server communication via Named Pipes via C#☆98Aug 8, 2018Updated 7 years ago
- PoC: Prevent a debugger from attaching to managed .NET processes via a watcher process code pattern.☆32Jul 31, 2018Updated 7 years ago
- Plugin Driven Remote Administration Tool (Unsupported)☆14Sep 23, 2015Updated 10 years ago
- A PoC .net shell which uses a GitHub.com repository for the communication channel.☆11Oct 25, 2018Updated 7 years ago
- This repo exists as a quick and dirty arsenal of methods and scripts to subvert .NET SSL/TLS certificate validation in PowerShell and pre…☆12Jan 28, 2017Updated 9 years ago
- Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the a…☆124Jul 7, 2023Updated 2 years ago
- Python based Office Macro Generator. Also does rudamentary obfuscation.☆12Jun 6, 2016Updated 9 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- ☆45Nov 5, 2018Updated 7 years ago
- ブラウザのCookieを.NETアプリで使えるようにするライブラリ☆11Dec 18, 2016Updated 9 years ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- A C# DLL to Dump LSA Secrets☆58Feb 5, 2018Updated 8 years ago
- A tool to run .Net DLLs from the command line☆105Oct 23, 2018Updated 7 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- VBA Macro obfuscator☆13Sep 20, 2020Updated 5 years ago
- AMSI bypass stager generator☆29Feb 5, 2019Updated 7 years ago
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- A library to hook functions !☆18Dec 2, 2021Updated 4 years ago
- SkyRAT - Powershell Remote Administration Tool☆34Jan 8, 2018Updated 8 years ago
- ☆53Sep 16, 2021Updated 4 years ago
- CVE-2019-1064 Local Privilege Escalation Vulnerability☆11Jun 12, 2019Updated 6 years ago
- Verification tools for CVE-2016-1287☆33Mar 15, 2017Updated 9 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- ☆16Apr 17, 2021Updated 4 years ago
- ☆29Dec 29, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆95Mar 8, 2023Updated 3 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆89Nov 12, 2021Updated 4 years ago
- A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge☆164Jul 25, 2018Updated 7 years ago
- Fixes known BinaryFormatter deserialization vulnerabilities☆12Dec 16, 2019Updated 6 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Mar 8, 2019Updated 7 years ago
- CVE-2018-2628☆20Apr 18, 2018Updated 7 years ago