ricardojoserf / SharpSelfDelete
PoC to self-delete a binary in C#
☆25Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for SharpSelfDelete
- Click Once + App Domain☆62Updated 11 months ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆19Updated 5 months ago
- ☆24Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆29Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆70Updated 3 weeks ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- in-process powershell runner for BRC4☆37Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆81Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆24Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆35Updated 9 months ago
- ☆19Updated 5 months ago
- Bypassing Amsi using LdrLoadDll☆22Updated 3 weeks ago
- Modify managed functions from unmanaged code☆49Updated 9 months ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆32Updated 11 months ago
- Rewrite to fit my needs☆25Updated 3 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆30Updated 7 months ago
- ☆22Updated 6 months ago
- ☆26Updated 3 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆18Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆37Updated 10 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆36Updated 11 months ago
- Bunch of BOF files☆23Updated 9 months ago
- ☆46Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆87Updated 9 months ago
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆42Updated 3 months ago