n0tspam / RunspaceLoader
Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
☆13Updated last year
Alternatives and similar repositories for RunspaceLoader:
Users that are interested in RunspaceLoader are comparing it to the libraries listed below
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 7 months ago
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 7 months ago
- ☆46Updated last year
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated 2 years ago
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆25Updated last year
- ☆39Updated this week
- Source code and examples for PassiveAggression.☆54Updated 7 months ago
- in-process powershell runner for BRC4☆45Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆70Updated last year
- A repository with my code snippets for research/education purposes.☆50Updated last year
- GetSystem-LCI is a PowerShell script to escalate privileges from Administrator to NT AUTHORITY\SYSTEM by abusing LanguageComponentsInstal…☆29Updated last month
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- Cobalt Strike BOFS☆16Updated last year
- Lifetime AMSI bypass.☆35Updated 6 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆44Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆31Updated 2 years ago
- ☆43Updated 6 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated 3 months ago
- Tool to aid in dumping LSASS process remotely☆35Updated 5 months ago
- Brief writeup of post exploitation methodologies.☆17Updated last year
- Impacket pre-compiled binaries☆15Updated last year
- PowerShell script to terminate protected processes such as anti-malware and EDRs.☆27Updated last year
- ☆45Updated 2 months ago
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- Some of the presentations, workshops, and labs I gave at public conferences.☆29Updated 4 months ago
- ☆25Updated last year
- Automatically extract and decrypt all configured scanning credentials of a Lansweeper instance.☆35Updated last month
- DFSCoerce exe revisited version with custom authentication☆38Updated last year