rasta-mouse / PPEnum
Simple BOF to read the protection level of a process
☆114Updated last year
Alternatives and similar repositories for PPEnum:
Users that are interested in PPEnum are comparing it to the libraries listed below
- Lateral Movement via the .NET Profiler☆79Updated 2 months ago
- ☆115Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆89Updated 2 years ago
- Implant drop-in for EDR testing☆134Updated last year
- ☆61Updated 2 years ago
- ☆134Updated last year
- ☆122Updated 5 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- AzureAD beacon object files☆108Updated last month
- Modified versions of the Cobalt Strike Process Injection Kit☆92Updated last year
- Find DLLs with RWX section☆76Updated last year
- ☆123Updated last year
- ☆99Updated 9 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- ☆120Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆69Updated 3 weeks ago
- ☆139Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆71Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆111Updated last year
- ☆138Updated last year
- ☆107Updated 2 months ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆125Updated 11 months ago
- Library of BOFs to interact with SQL servers☆157Updated 2 months ago
- ☆74Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆61Updated last month
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- ☆92Updated 3 weeks ago