pwndizzle / com-research

Related projects: ⓘ

• rbmm / SDD
  Self Delete DLL
  ☆23Updated 7 months ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆35Updated 3 months ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆29Updated 2 years ago
• klinix5 / PPL-Duck
  ☆16Updated this week
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆12Updated 2 months ago
• thesnoom / extps-cobalt-strike-bof
  Extended Process List (Search functionality)
  ☆27Updated 3 years ago
• N4kedTurtle / SharpTeamsDump
  Dump Teams conversations
  ☆17Updated 3 years ago
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆26Updated last year
• hotnops / COM_Mapper
  A tool to create COM class/interface relationships in neo4j
  ☆47Updated last year
• TheWover / AssemblyLoader
  Loads .NET Assembly Via CLR Loader
  ☆14Updated 5 years ago
• Apr4h / GetInjectedThreads
  C# Implementation of Jared Atkinson's Get-InjectedThread.ps1
  ☆49Updated 3 years ago
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆23Updated 4 months ago
• Meckazin / HidingFromETW
  PoC for detecting and evading ETW detection of .Net Assembly.Load
  ☆17Updated 4 years ago
• EspressoCake / DLL_Version_Enumeration_BOF
  A BOF for enumerating version information for DLLs associated for a Beacon process.
  ☆12Updated 2 years ago
• V3ded / ToolDump-v1
  Some of my custom "tools".
  ☆22Updated 2 years ago
• waldo-irc / JYang
  ☆14Updated 2 years ago
• jsecurity101 / LDAPMon
  ☆43Updated 10 months ago
• G0ldenGunSec / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated 10 months ago
• 0xe7 / EventSniper
  ☆20Updated 10 months ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆37Updated last year
• sk3w / beacon-object-files
  Miscellaneous examples for use with Cobalt Strike Beacon
  ☆10Updated 3 years ago
• nickvangilder / To-Safe-Mode-And-Beyond
  A tool for leveraging elevated acess over a computer to boot the computer into Windows Safe Mode, alter settings, and then boot back into…
  ☆16Updated 2 years ago
• VirtualAlllocEx / Create_Thread_Inline_Assembly_x86
  This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly
  ☆17Updated last year
• tomcarver16 / Athena
  An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…
  ☆22Updated 4 years ago
• SolomonSklash / netntlm
  A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP
  ☆32Updated 3 years ago
• outflanknl / unmanaged-dotnet-patch
  Modify managed functions from unmanaged code
  ☆49Updated 7 months ago
• kartikdurg / Enum-LSASS
  LSASS enumeration like pypykatz written in C-Lang
  ☆20Updated 2 years ago
• janoglezcampos / FindItByCalls
  Hacky code for extracting calls in DLLs by function
  ☆14Updated 2 years ago
• houseofxyz / windows-ps-callbacks-experiments
  Files for http://blog.deniable.org/posts/windows-callbacks/
  ☆12Updated last year
• mdsecactivebreach / SharpAltiris
  ☆24Updated 2 years ago