Small toolkit for extracting information and dumping sensitive strings from Windows processes
☆117Jul 17, 2024Updated last year
Alternatives and similar repositories for proctools
Users that are interested in proctools are comparing it to the libraries listed below
Sorting:
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- ☆168Feb 29, 2024Updated 2 years ago
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Feb 6, 2024Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Inject DLLs into the explorer process using icons☆408May 18, 2025Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 10 months ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated last year
- Analysis of the vulnerability☆50Jan 23, 2024Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆618Jan 2, 2025Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- ☆147Nov 6, 2025Updated 4 months ago
- ☆17Jan 9, 2025Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆436Dec 21, 2023Updated 2 years ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆154May 7, 2024Updated last year
- ☆64Mar 14, 2024Updated 2 years ago
- ACL abuse swiss-knife☆127Feb 3, 2023Updated 3 years ago
- Analyse MSI files for vulnerabilities☆142Aug 30, 2024Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆45Apr 27, 2023Updated 2 years ago
- ☆568Mar 28, 2024Updated last year
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection.☆337Aug 7, 2024Updated last year
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Uses rpcdump to locate the ADCS server, and identify if ESC8 is vulnerable from unauthenticated perspective.☆82Sep 13, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆123May 29, 2024Updated last year
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Mar 10, 2024Updated 2 years ago
- Tool to remotely dump secrets from the Windows registry☆526Feb 27, 2026Updated 3 weeks ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆162Mar 1, 2024Updated 2 years ago
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- A PoC for achieving persistence via push notifications on Windows☆48Jun 9, 2023Updated 2 years ago