nbaertsch / AutoAppDomainHijack
Automated .NET AppDomain hijack payload generation
☆121Updated last month
Alternatives and similar repositories for AutoAppDomainHijack:
Users that are interested in AutoAppDomainHijack are comparing it to the libraries listed below
- ☆151Updated this week
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆118Updated 5 months ago
- Stage 0☆154Updated 3 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆172Updated last month
- ☆125Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆86Updated last year
- ☆86Updated 10 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆149Updated 2 weeks ago
- Create Anti-Copy DRM Malware☆54Updated 7 months ago
- ☆146Updated 7 months ago
- Abuse leaked token handles.☆131Updated last year
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆133Updated last month
- Adversary Emulation Framework☆92Updated 8 months ago
- ☆121Updated last year
- A Mythic agent for Windows written in C☆101Updated this week
- ☆103Updated last month
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆64Updated 9 months ago
- C or BOF file to extract WebKit master key to decrypt user cookie☆192Updated 10 months ago
- A C# port from Invoke-GhostTask☆113Updated last year
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆117Updated last month
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆47Updated last month
- Example code samples from our ScriptBlock Smuggling Blog post☆90Updated 9 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- C# havoc implant☆100Updated 2 years ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆72Updated 3 weeks ago
- ☆54Updated 5 months ago