mlcsec / proctools
Small toolkit for extracting information and dumping sensitive strings from Windows processes
☆109Updated 8 months ago
Alternatives and similar repositories for proctools:
Users that are interested in proctools are comparing it to the libraries listed below
- Duplicate not owned Token from Running Process☆72Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆62Updated 2 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆99Updated last year
- ☆54Updated 4 months ago
- Source code and examples for PassiveAggression☆55Updated 9 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆86Updated last year
- .NET deserialization hunter☆76Updated 8 months ago
- Create Anti-Copy DRM Malware☆54Updated 7 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆90Updated 9 months ago
- ☆53Updated 5 months ago
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated 9 months ago
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆84Updated 11 months ago
- ☆148Updated last year
- To audit the security of read-only domain controllers☆114Updated last year
- ☆86Updated 10 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆55Updated 3 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆82Updated 5 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- Lateral Movement☆123Updated last year
- Exploit for CVE-2023-27532 against Veeam Backup & Replication☆108Updated 2 years ago
- Tool to aid in dumping LSASS process remotely☆37Updated 7 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- ☆103Updated last month
- CVE-2023-34362: MOVEit Transfer Unauthenticated RCE☆63Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445☆42Updated 10 months ago
- Winsocket for Cobalt Strike.☆97Updated last year
- Lateral Movement via the .NET Profiler☆80Updated 4 months ago