A C++ POC for process injection using NtCreateSection, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes.
☆45 · May 10, 2021 · Updated 4 years ago
Alternatives and similar repositories for Mimir
Users that are interested in Mimir are comparing it to the libraries listed below.
- Files related to my presentation at SigSegV2 conference in 2019. You can find related papers on my blog ☆13 · Dec 12, 2019 · Updated 6 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI ☆12 · Mar 6, 2020 · Updated 6 years ago
- C# utility that uses WMI to run "cmd.exe /c netstat -n", save the output to a file, then use SMB to read and delete the file remotely ☆39 · Jan 3, 2020 · Updated 6 years ago
- Bash script to take the powerkatz.dll files, encode them using base64 and then replace the old binaries with the new in the Invoke-Mimika… ☆16 · Oct 8, 2016 · Updated 9 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread ☆119 · Apr 9, 2019 · Updated 6 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects ☆251 · Sep 26, 2020 · Updated 5 years ago
- with metasploit ☆63 · Apr 19, 2020 · Updated 5 years ago
- A PowerShell script to parse the docx/docm file format and update the template location. ☆17 · Oct 15, 2019 · Updated 6 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication ☆129 · Nov 15, 2016 · Updated 9 years ago
- String or wordlist encoder for use in fuzzing or web application testing ☆19 · Sep 2, 2019 · Updated 6 years ago
- Burp extension for automated handling of CSRF tokens ☆16 · Feb 27, 2018 · Updated 8 years ago
- Resources from my journey into Windows binary exploitation ☆24 · Jan 14, 2019 · Updated 7 years ago
- Visual Studio (C++) Solution Template for Payloads ☆18 · Oct 30, 2019 · Updated 6 years ago
- This repo contains code of JScript .NET which can be used as alternative to csc.exe to run potentially malicious code, which ships in all… ☆13 · Nov 8, 2019 · Updated 6 years ago
- ☆53 · Feb 27, 2017 · Updated 9 years ago
- Reproducible and extensible BloodHound playbooks ☆44 · Jan 20, 2020 · Updated 6 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET ☆64 · Nov 22, 2019 · Updated 6 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET ☆149 · Feb 15, 2020 · Updated 6 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide. ☆79 · Feb 27, 2020 · Updated 6 years ago
- A collection of shell code conversion scripts that I have written over time for repetitive tasks ☆19 · Jul 6, 2019 · Updated 6 years ago
- PoC of injecting code into a running Linux process ☆23 · Sep 11, 2019 · Updated 6 years ago
- Persistent through COM Hijacking ☆22 · Jan 15, 2019 · Updated 7 years ago
- Generate Mimikatz Golden Ticket commands with ease! ☆51 · Dec 4, 2020 · Updated 5 years ago
- Remote process dumping automation. Use it to dump Windows credentials remotely and extract clear text with Mimikatz offline ☆35 · Jan 3, 2020 · Updated 6 years ago
- PowerAvails is a unit of collection of PowerShell modules that help you get done many things ☆118 · May 31, 2019 · Updated 6 years ago
- Just another Windows Process Injection ☆409 · Aug 7, 2020 · Updated 5 years ago
- Slides for my Levelup0x05 talk, "Hardware Hacking for the Masses (and you!)" ☆31 · Oct 26, 2019 · Updated 6 years ago
- ☆127 · Jun 19, 2020 · Updated 5 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources ☆13 · Jun 24, 2018 · Updated 7 years ago
- Collection of BOFs for Cobalt Strike ☆32 · Mar 28, 2023 · Updated 2 years ago
- Bash one-liner that will parse harmj0y's SharpRoast or Rubeus kerberoast into hashcat crackable format. ☆32 · Feb 28, 2019 · Updated 7 years ago
- dem sharp donuts ☆202 · Sep 11, 2022 · Updated 3 years ago
- Executes position independent shellcode from an encrypted zip ☆304 · Dec 22, 2020 · Updated 5 years ago
- C# Situational Awareness Script ☆34 · Apr 26, 2019 · Updated 6 years ago
- Attacking and defending web and VPN session hijacking in Pulse Secure Connect ☆14 · Oct 24, 2019 · Updated 6 years ago
- A Cobalt Strike tool to audit Active Directory user accounts for weak, well known or easily guessable passwords. ☆442 · Apr 1, 2022 · Updated 3 years ago
- A repository for my conference presentations ☆35 · Feb 18, 2020 · Updated 6 years ago
- lateral movement techniques that can be used during red team exercises ☆277 · Jan 13, 2020 · Updated 6 years ago
- Reverse Windows shell over TLS ☆19 · Mar 3, 2016 · Updated 10 years ago