passthehashbrowns / Being-A-Good-CLR-HostLinks
☆62Updated 4 months ago
Alternatives and similar repositories for Being-A-Good-CLR-Host
Users that are interested in Being-A-Good-CLR-Host are comparing it to the libraries listed below
Sorting:
- ☆99Updated last year
- ForsHops☆53Updated 2 months ago
- Linker for Beacon Object Files☆70Updated this week
- ☆61Updated last year
- ☆106Updated 4 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆91Updated 3 weeks ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆77Updated 3 months ago
- ☆110Updated 6 months ago
- ☆111Updated 4 months ago
- A process injection technique using only thread context manipulation☆38Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆87Updated 4 months ago
- ☆31Updated 9 months ago
- ☆40Updated this week
- ☆125Updated 9 months ago
- Threadless shellcode injection tool☆64Updated 10 months ago
- Execute dotnet app from unmanaged process☆75Updated 5 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆58Updated 6 months ago
- Bypassing Amsi using LdrLoadDll☆44Updated 4 months ago
- I have documented all of the AMSI patches that I learned till now☆72Updated 2 months ago
- Rust template/library for implementing your own COFF loader☆50Updated 4 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆123Updated 4 months ago
- ☆96Updated 9 months ago
- Find DLLs with RWX section☆81Updated last year
- Shellcode Loader Utilizing ETW Events☆63Updated 3 months ago
- remote process injections using pool party techniques☆60Updated 3 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆46Updated 3 weeks ago
- TypeLib persistence technique☆115Updated 7 months ago
- shell code example☆49Updated 2 weeks ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year