paranoidninja / BRC4-Seminar-Stage-I
These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be found here:
☆18Updated last year
Related projects: ⓘ
- ☆47Updated last year
- A care package of useful bofs for red team engagments☆47Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- ☆57Updated 9 months ago
- Python module for running BOFs☆63Updated last year
- Click Once + App Domain☆61Updated 9 months ago
- ☆54Updated last month
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆77Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆32Updated 8 months ago
- Rewrite to fit my needs☆25Updated last month
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆18Updated 2 years ago
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- ☆45Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆70Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆25Updated 11 months ago
- maldev obviously☆23Updated 2 months ago
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆10Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆15Updated 6 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆21Updated last week
- A VSCode devcontainer for development of COFF files with batteries included.☆47Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆32Updated 3 months ago
- Simple .NET loader for loading and executing Powershell payloads☆13Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- Threadless Injection Payload Toolkit☆11Updated 11 months ago
- Lockless BOF☆62Updated 7 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆79Updated last year
- Lateral Movement via the .NET Profiler☆74Updated 3 months ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago