nbaertsch / AutoAppDomainHijackLinks
Automated .NET AppDomain hijack payload generation
☆127Updated 6 months ago
Alternatives and similar repositories for AutoAppDomainHijack
Users that are interested in AutoAppDomainHijack are comparing it to the libraries listed below
Sorting:
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- Abuse leaked token handles.☆132Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- ☆110Updated 6 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆122Updated 10 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- Remotely Enumerate sessions using undocumented Windows Station APIs☆119Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆54Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- A C# port from Invoke-GhostTask☆118Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆83Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆101Updated 5 months ago
- ☆90Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆157Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- Lateral Movement☆124Updated last year
- Chrome browser extension-based Command & Control☆166Updated last month
- Opsec tool for finding user sessions by analyzing event log files through RPC (MS-EVEN)☆72Updated last year
- Create Anti-Copy DRM Malware☆63Updated last year
- C++ Staged Shellcode Loader with Evasion capabilities.☆94Updated 10 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆187Updated 6 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- ☆76Updated 3 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Evasive Golang Loader☆134Updated last year
- ☆119Updated 5 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 4 months ago
- ☆191Updated 4 months ago
- ☆164Updated last year