peiga / DumpThatLSASSLinks
Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
☆31Updated 3 years ago
Alternatives and similar repositories for DumpThatLSASS
Users that are interested in DumpThatLSASS are comparing it to the libraries listed below
Sorting:
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆87Updated 2 years ago
- ☆60Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆90Updated 3 years ago
- Find DLLs with RWX section☆81Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 3 years ago
- Info related to the Outflank training: Microsoft Office Offensive Tradecraft☆50Updated last year
- Token Elevation to authorized user as SYSTEM or Domain Admins☆24Updated 2 years ago
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- Bunch of BOF files☆35Updated 3 months ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- Python module for running BOFs☆72Updated 2 years ago
- Threadless Injection Payload Toolkit☆13Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆40Updated 2 years ago
- ☆47Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆52Updated last year
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- A C# port of the MinHook API hooking library☆56Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆68Updated last year
- Sniffing files generator☆59Updated 7 months ago
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆65Updated last year
- RPC to WebClient startup☆51Updated last month
- Click Once + App Domain☆63Updated last year
- ☆112Updated 10 months ago
- A care package of useful bofs for red team engagments☆55Updated 10 months ago
- EvtPsst☆55Updated last year
- Slide decks and/or materials from conference presentations☆56Updated 2 years ago