nafiez / DataBlockNTLMLeakLinks
Windows Shell Link (LNK) Proof of Concept
☆14Updated this week
Alternatives and similar repositories for DataBlockNTLMLeak
Users that are interested in DataBlockNTLMLeak are comparing it to the libraries listed below
Sorting:
- ☆37Updated 3 months ago
- Hollowise is a tool that implements process hollowing and PPID (Parent Process ID) spoofing techniques for masking a legitimate analysis …☆36Updated 3 months ago
- ☆18Updated last week
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆17Updated 5 months ago
- ☆22Updated 2 months ago
- ☆55Updated 7 months ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆39Updated 7 months ago
- A pure C version of SymProcAddress☆26Updated last year
- Lena's scripts/code/resources for malware analysis☆27Updated 11 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated 10 months ago
- Tool to obtain hash using MS-SNTP for user accounts☆23Updated 4 months ago
- Situational Awareness script to identify how and where to run implants☆50Updated 6 months ago
- Enable or Disable TokenPrivilege(s)☆13Updated last year
- ☆18Updated 2 weeks ago
- Docker container for running CobaltStrike 4.10☆37Updated 8 months ago
- Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)☆35Updated this week
- Windows Administrator level Implant.☆49Updated 8 months ago
- Mythic C2 wrapper for NimSyscallPacker☆25Updated 2 months ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆20Updated 2 months ago
- BOF for C2 framework☆41Updated 6 months ago
- POC of GITHUB simple C2 in rust☆53Updated 4 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆43Updated 3 weeks ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆39Updated 3 weeks ago
- Explore and filter your GitHub starred repositories☆27Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆32Updated last month
- ☆34Updated 2 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated last year
- POC for CVE-2024-3183 (FreeIPA Rosting)☆22Updated 9 months ago
- ☆31Updated 3 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆42Updated 10 months ago