nbaertsch / AutoAppDomainHijackLinks
Automated .NET AppDomain hijack payload generation
☆127Updated 8 months ago
Alternatives and similar repositories for AutoAppDomainHijack
Users that are interested in AutoAppDomainHijack are comparing it to the libraries listed below
Sorting:
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆146Updated last year
- ☆109Updated 7 months ago
- Abuse leaked token handles.☆132Updated last year
- A C# port from Invoke-GhostTask☆117Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆119Updated last year
- ☆122Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆142Updated 6 months ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆126Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆102Updated 6 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 7 months ago
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆72Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- ☆91Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆157Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Updated last year
- Create Anti-Copy DRM Malware☆65Updated last year
- ☆82Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light)☆58Updated 9 months ago
- Lateral Movement☆124Updated last year
- Your syscall factory☆124Updated last week
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆120Updated 10 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆98Updated 11 months ago
- Python tool to interact with WMI StdRegProv☆60Updated 10 months ago
- ☆192Updated 6 months ago