netbiosX / Digital-Signature-Hijack
Binaries, PowerShell scripts and information about Digital Signature Hijacking.
☆210Updated 6 years ago
Related projects: ⓘ
- Windows 10 LPE (UAC Bypass) in Windows Store (WSReset.exe)☆263Updated 4 years ago
- Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/☆169Updated 4 years ago
- The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…☆324Updated 2 years ago
- Use CLR to inject all the .NET apps☆183Updated 3 years ago
- Universal Unhooking☆312Updated 6 years ago
- a tool to make it easy and fast to test various forms of injection☆172Updated 5 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆221Updated 5 years ago
- Windows 10 CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM☆113Updated 4 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆375Updated 4 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆342Updated 4 years ago
- ☆347Updated 2 years ago
- Example DLL to load from Windows NetShell☆175Updated 7 years ago
- Evading WinDefender ATP credential-theft☆251Updated 4 years ago
- Just another Windows Process Injection☆387Updated 4 years ago
- A meterpreter extension for applying hooks to avoid windows defender memory scans☆237Updated 4 years ago
- Lateral Movement technique using DCOM and HTA☆228Updated last year
- OffensivePH - use old Process Hacker driver to bypass several user-mode access controls☆327Updated 2 years ago
- Scripts for performing and detecting parent PID spoofing☆136Updated 4 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆317Updated 4 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆155Updated 5 years ago
- An attempt at Process Doppelgänging☆183Updated 6 years ago
- Create a minidump of the LSASS process from memory☆254Updated last year
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆315Updated 7 years ago
- ☆116Updated this week
- Cobalt Strike Python API☆291Updated 2 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆224Updated 4 years ago
- Windows 8.1 and 10 UAC bypass abusing WinSxS in "dccw.exe".☆381Updated 4 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆331Updated last year
- Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loadi…☆212Updated 8 months ago
- Windows 10 Privilege Escalation (magnifier.exe) via Dll Search Order Hijacking☆136Updated 4 years ago