a tool to make it easy and fast to test various forms of injection
☆174May 2, 2019Updated 6 years ago
Alternatives and similar repositories for vulcan
Users that are interested in vulcan are comparing it to the libraries listed below
Sorting:
- Bash one-liner that will parse harmj0y's SharpRoast or Rebeus kerberoast into hashcat crack-able format.☆32Feb 28, 2019Updated 7 years ago
- Process reimaging proof of concept code☆97Jun 21, 2019Updated 6 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- Evading WinDefender ATP credential-theft☆255Dec 2, 2019Updated 6 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆231May 30, 2019Updated 6 years ago
- ☆42Aug 10, 2019Updated 6 years ago
- ☆54Apr 27, 2019Updated 6 years ago
- Also known by Microsoft as Knifecoat☆1,152Dec 22, 2022Updated 3 years ago
- ☆110May 14, 2018Updated 7 years ago
- Lateral Movement technique using DCOM and HTA☆235Oct 18, 2022Updated 3 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117May 23, 2019Updated 6 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Provides In-memory compilation and reflective loading of C# apps for AV evasion.☆372Feb 23, 2024Updated 2 years ago
- External C2 Using IE COM Objects☆100Feb 24, 2019Updated 7 years ago
- ☆54Aug 13, 2018Updated 7 years ago
- Fuzzer for finding Open Mail Relays☆14Oct 21, 2020Updated 5 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆824Mar 10, 2022Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- Helper script for mangling CS payloads☆51May 5, 2019Updated 6 years ago
- Silence EDRs by removing kernel callbacks☆239Dec 7, 2020Updated 5 years ago
- XPN's RpcEnum but based on IDA instead of Ghidra☆21Aug 17, 2019Updated 6 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- A PowerShell script to prevent Sysmon from writing its events☆17Apr 23, 2020Updated 5 years ago
- GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects☆251Sep 26, 2020Updated 5 years ago
- ☆484Jun 2, 2023Updated 2 years ago
- Obfuscate specific windows apis with different apis☆1,022Feb 21, 2021Updated 5 years ago
- Library for using direct system calls☆35Jan 30, 2025Updated last year
- Payload Generation Framework☆1,976Aug 21, 2024Updated last year
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆61Jul 10, 2024Updated last year
- Recon-AD, an AD recon tool based on ADSI and reflective DLL’s☆331Oct 20, 2019Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago
- ☆350Feb 21, 2022Updated 4 years ago
- Constrained Language Mode + AMSI bypass all in one☆156Jul 29, 2019Updated 6 years ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago