mlcsec / FormThief
Spoofing desktop login applications with WinForms and WPF
☆173Updated last year
Alternatives and similar repositories for FormThief:
Users that are interested in FormThief are comparing it to the libraries listed below
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆177Updated last year
- ☆170Updated 5 months ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆113Updated 3 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆186Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆198Updated 10 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆114Updated 11 months ago
- ☆117Updated 3 weeks ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆235Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆198Updated 6 months ago
- My implementation of the GIUDA project in C++☆181Updated last year
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆151Updated 4 months ago
- Patching AmsiOpenSession by forcing an error branching☆145Updated last year
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated 11 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆197Updated 6 months ago
- A powerful, modular, lightweight and efficient command & control framework written in Nim.☆77Updated this week
- ☆220Updated last year
- ☆137Updated 11 months ago
- Continuous password spraying tool☆181Updated last month
- Hide your P/Invoke signatures through other people's signed assemblies☆207Updated last year
- ☆179Updated 3 weeks ago
- Different methods to get current username without using whoami☆174Updated last year
- Evade EDR's the simple way, by not touching any of the API's they hook.☆100Updated 2 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆139Updated 9 months ago
- The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin☆171Updated 2 years ago
- Weaponized HellsGate/SigFlip☆199Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆151Updated 11 months ago
- Find .net assemblies locally☆111Updated 2 years ago
- Tool for viewing NTDS.dit☆155Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 9 months ago