paranoidninja / BRC4-Seminar-Stage-ILinks
These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be found here:
☆20Updated last year
Alternatives and similar repositories for BRC4-Seminar-Stage-I
Users that are interested in BRC4-Seminar-Stage-I are comparing it to the libraries listed below
Sorting:
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆86Updated 2 years ago
- ☆47Updated 2 years ago
- Sniffing files generator☆59Updated 5 months ago
- ☆59Updated last year
- Python module for running BOFs☆72Updated 2 years ago
- Lateral Movement via the .NET Profiler☆82Updated 8 months ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆68Updated 3 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 2 years ago
- Click Once + App Domain☆62Updated last year
- PoC XLL builder in Python/Nim☆46Updated 2 years ago
- A care package of useful bofs for red team engagments☆55Updated 8 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- in-process powershell runner for BRC4☆46Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated 2 years ago
- ☆37Updated last year
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆75Updated 2 years ago
- Slide decks and/or materials from conference presentations☆56Updated 2 years ago
- C# havoc implant☆101Updated 2 years ago
- Serverless Redirector in various cloud vendor for red team☆72Updated 2 years ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated 3 months ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆89Updated 2 years ago
- Bunch of BOF files☆33Updated last month
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 8 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆53Updated 3 months ago
- Rewrite to fit my needs☆30Updated last year