rmdavy / AmsiPEBWalkVBAView external linksLinks
Walking the PEB in VBA
☆24Apr 6, 2020Updated 5 years ago
Alternatives and similar repositories for AmsiPEBWalkVBA
Users that are interested in AmsiPEBWalkVBA are comparing it to the libraries listed below
Sorting:
- ☆16Apr 14, 2020Updated 5 years ago
- Kibana app for RedELK☆18Mar 19, 2023Updated 2 years ago
- A project to replicate the functionality of Noah Powers' ServerSetup script, but with error handling and fixed Namecheap API support.☆33Oct 1, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Protect your servers with a secret header☆29Jun 12, 2020Updated 5 years ago
- A small .NET compression utility☆57Feb 2, 2022Updated 4 years ago
- AMSI Bypass Via the Heap☆107Nov 20, 2020Updated 5 years ago
- Inject Encrypted Commands Into EMF Shapes for C2 In VBA / Office Malware☆39Jul 10, 2020Updated 5 years ago
- ☆38Mar 4, 2020Updated 5 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 4 years ago
- Fake SMB and SAMR data☆11Oct 27, 2019Updated 6 years ago
- ☆13Jul 30, 2021Updated 4 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 5 years ago
- ☆19Nov 26, 2020Updated 5 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 2 years ago
- Microsoft Applocker evasion tool☆39Nov 26, 2019Updated 6 years ago
- C# code to run PIC using CreateThread☆17Apr 19, 2019Updated 6 years ago
- A PowerShell script to prevent Sysmon from writing its events☆16Apr 23, 2020Updated 5 years ago
- Python api for usage with cobalt strike's External C2 specification☆72Feb 15, 2018Updated 7 years ago
- Bypass AMSI and Defender using Ordinal Values☆41Apr 15, 2020Updated 5 years ago
- Scripts to automate standing up apache2 with mod_rewrite in front of C2 servers.☆47Feb 17, 2021Updated 4 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆162May 27, 2020Updated 5 years ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆80Mar 30, 2023Updated 2 years ago
- An injector that aims to be stealthy by using non suspicious API calls. Inspired by (https://github.com/FuzzySecurity/Sharp-Suite/tree/ma…☆24Jun 17, 2020Updated 5 years ago
- A command-line tool for reconnaissance and targeted write operations on Confluence and Jira instances.☆13Jan 15, 2025Updated last year
- .Net Assembly to block ETW telemetry in current process☆81May 14, 2020Updated 5 years ago
- Run shellcode from resource☆260Dec 13, 2020Updated 5 years ago
- Using outlook COM objects to create convincing phishing emails without the user noticing. This project is meant for internal phishing.☆155Dec 22, 2020Updated 5 years ago
- Remote Thread Injection by C# + Delegate Techniques☆12Jun 6, 2023Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 7 months ago
- Some Hashcat Rules for 2020 and beyond. Contributions encouraged!☆26May 26, 2022Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Feb 26, 2024Updated last year
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆36Dec 12, 2025Updated 2 months ago
- Spray a hash via smb to check for local administrator access☆142Feb 7, 2021Updated 5 years ago
- A Canary which fires when uninstalled☆34Mar 16, 2021Updated 4 years ago
- Capture screenshots from .NET using .NET methods or Windows API calls☆67Mar 9, 2020Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- Standalone version of my AES Powershell payload for Cobalt Strike.☆111Dec 27, 2019Updated 6 years ago
- Spin up a reverse proxy quickly on Heroku☆15Dec 5, 2020Updated 5 years ago