n0tspam / RunspaceLoaderLinks
Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
☆13Updated last year
Alternatives and similar repositories for RunspaceLoader
Users that are interested in RunspaceLoader are comparing it to the libraries listed below
Sorting:
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- Pure PowerShell port of PassTheCert tool to authenticate to an LDAP/S server with a certificate through Schannel☆37Updated 2 months ago
- ☆48Updated 2 years ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆56Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆40Updated last year
- in-process powershell runner for BRC4☆45Updated last year
- A repository with my code snippets for research/education purposes.☆50Updated last year
- Cobalt Strike BOFS☆16Updated last year
- a C# implementation for a shellcode loader that capable to bypass Cortex XDR and Sophos EDR.☆52Updated last month
- ☆44Updated 11 months ago
- ☆28Updated 2 years ago
- Docker container for running CobaltStrike 4.10☆37Updated 9 months ago
- SAM Dumping in C#☆48Updated 5 months ago
- Duplicate not owned Token from Running Process☆72Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆56Updated 3 years ago
- Brief writeup of post exploitation methodologies.☆18Updated last year
- ☆24Updated 8 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆40Updated last year
- ☆55Updated 8 months ago
- Extract registry and NTDS secrets from local or remote disk images☆43Updated 3 months ago
- Beacon Object Files (BOF) for Cobalt Strike.☆31Updated 10 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Tool to obtain hash using MS-SNTP for user accounts☆24Updated 5 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆32Updated 2 months ago
- PowerShell script to terminate protected processes such as anti-malware and EDRs.☆26Updated 2 years ago
- time-based user enum via Basic Auth in Azure against Autodiscover☆32Updated 8 months ago
- A tool to abuse weak permissions of Active Directory Discretionary Access Control Lists (DACLs) and Access Control Entries (ACEs)☆57Updated 3 weeks ago