rasta-mouse / Fork-n-RunView external linksLinks
☆73Oct 24, 2021Updated 4 years ago
Alternatives and similar repositories for Fork-n-Run
Users that are interested in Fork-n-Run are comparing it to the libraries listed below
Sorting:
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- ☆53Oct 20, 2020Updated 5 years ago
- Send and receive messages over Named Pipes asynchronously.☆39Sep 17, 2021Updated 4 years ago
- Hardened Proof of Concept of D/Invoke Process Injection malware☆42Jul 23, 2020Updated 5 years ago
- .NET 4.0 Remote Desktop Manager Password Gatherer☆81Sep 29, 2020Updated 5 years ago
- .NET 4.0 WinRM API Command Execution☆166Sep 11, 2020Updated 5 years ago
- Managed assembly shellcode generation☆280Mar 19, 2021Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆130May 25, 2021Updated 4 years ago
- A small .NET compression utility☆57Feb 2, 2022Updated 4 years ago
- A "no frills" 1 class-only, C# .NET command line parser with support for - and / args, switches only, and Name : Values☆34Jan 20, 2026Updated 3 weeks ago
- .NET 4.0 Scheduled Job Lateral Movement☆90Aug 25, 2020Updated 5 years ago
- dem sharp donuts☆202Sep 11, 2022Updated 3 years ago
- Aggressor Script to Execute Assemblies from Github☆71Nov 30, 2020Updated 5 years ago
- A simple POC to demonstrate the power of .NET debugging for injection☆73Aug 11, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- PE File Blessing - To continue or not to continue☆87Nov 23, 2019Updated 6 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Apr 9, 2019Updated 6 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Basic C# Project that will take an MSBuild payload and run it with MSBuild via ClickOnce.☆93Oct 24, 2020Updated 5 years ago
- My CobaltStrike BOFS☆165Jul 23, 2022Updated 3 years ago
- D/Invoke port of UrbanBishop☆108Jul 19, 2020Updated 5 years ago
- ☆127Jun 19, 2020Updated 5 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Two C# RunPE's capable of x86 and x64 injections☆11Dec 2, 2018Updated 7 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago
- Proper Payload Protection Prevents Poor Performance☆76Jul 27, 2022Updated 3 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆101Sep 30, 2020Updated 5 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- ☆38Oct 12, 2020Updated 5 years ago
- This tool enables the compilation of a C# program that will execute arbitrary PowerShell code, without launching PowerShell processes thr…☆196Jul 26, 2020Updated 5 years ago
- ☆362Apr 24, 2021Updated 4 years ago
- A port of FuzzySecurity's UrbanBishop project for inline shellcode execution☆119Sep 29, 2020Updated 5 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- AppXSVC Service race condition - privilege escalation☆30Jul 30, 2019Updated 6 years ago
- CloudFlare Worker Shell☆14Aug 29, 2020Updated 5 years ago
- A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.☆220May 3, 2023Updated 2 years ago