matterpreter / FindETWProviderImage
Quickly search for references to a GUID in DLLs, EXEs, and drivers
☆59 Updated 2 years ago
Related projects:
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows ☆77 Updated 3 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop ☆37 Updated 2 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队 ☆50 Updated 4 years ago
- Small tool to play with IOCs caused by Imageload events ☆37 Updated last year
- This repo hosts a poc of how to execute F# code within an unmanaged process ☆64 Updated 2 months ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆53 Updated last year
- A module for CME that spiders across a domain. ☆35 Updated 2 years ago
- A BOF to interact with COM objects associated with the Windows software firewall. ☆100 Updated 2 years ago
- The repository accompanying the Buer Emulation workshop ☆23 Updated 3 years ago
- D/Invoke port of UrbanBishop ☆29 Updated 3 years ago
- Continuous kerberoast monitor ☆43 Updated last year
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke) ☆22 Updated 2 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers ☆61 Updated 2 years ago
- Specialized tool to dump Position Independent Code. ☆21 Updated 4 years ago
- RDPThief donut shellcode inject into mstsc ☆74 Updated 3 years ago
- BloodCheck enables Red and Blue Teams to manage multiple Neo4j databases and run Cypher queries against a BloodHound dataset. ☆17 Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆29 Updated 2 years ago