pwndizzle / com-researchLinks
Research into COM
☆19Updated 5 years ago
Alternatives and similar repositories for com-research
Users that are interested in com-research are comparing it to the libraries listed below
Sorting:
- Self Delete DLL☆23Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- A tool to create COM class/interface relationships in neo4j☆50Updated 2 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆20Updated 4 years ago
- ☆23Updated 3 years ago
- ☆36Updated last year
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆16Updated 11 months ago
- Loads .NET Assembly Via CLR Loader☆16Updated 6 years ago
- Extended Process List (Search functionality)☆29Updated 4 years ago
- Some stuff for PHD2021☆14Updated 2 weeks ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆53Updated 3 years ago
- Simple and sane cryptographic wrapper library.☆27Updated 2 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Updated 3 years ago
- ☆48Updated 4 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago
- Tool to manage user privileges☆28Updated 5 years ago
- Playing with PE's and Building Structures by Hand☆22Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Hacky code for extracting calls in DLLs by function☆15Updated 3 years ago
- Files for http://blog.deniable.org/posts/windows-callbacks/☆12Updated 2 years ago
- Some of my custom "tools".☆23Updated 3 years ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆25Updated last year
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Updated last year
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Updated 3 years ago
- Disable PPL via custom driver and dump lsass☆15Updated 4 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- ☆25Updated 2 years ago