Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
☆12May 28, 2025Updated 9 months ago
Alternatives and similar repositories for SandboxPPL
Users that are interested in SandboxPPL are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 4 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Tool to perform lateral movement between AAD joined devices☆66Jun 8, 2022Updated 3 years ago
- A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024☆16Sep 12, 2024Updated last year
- ☆23Mar 9, 2022Updated 4 years ago
- ScareCrow loader binary source which easier to read and learn☆25Apr 14, 2022Updated 3 years ago
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 7 months ago
- Modified version of PEAS client for offensive operations☆16Mar 8, 2021Updated 5 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- ☆24Sep 26, 2021Updated 4 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆13Jun 24, 2018Updated 7 years ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 3 months ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 3 months ago
- RDP Checker☆64Feb 23, 2024Updated 2 years ago
- ☆50May 12, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- Ansible role to configure redirectors for red team C2☆30Nov 12, 2018Updated 7 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- ☆18Sep 14, 2023Updated 2 years ago
- A simple BOF implementation of klist using Windows API☆32Jul 7, 2022Updated 3 years ago
- An implementation and proof-of-concept of Process Forking.☆230Nov 29, 2021Updated 4 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆67Mar 6, 2026Updated 2 weeks ago
- Experimenting with destructive file attacks in Go☆18May 20, 2019Updated 6 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- Ntdll Unhooking POC☆19Aug 12, 2022Updated 3 years ago
- Tradecraft Development Fundamentals☆40Aug 6, 2021Updated 4 years ago
- Finding SSL Blindspots for Red Teams☆34Jul 28, 2020Updated 5 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- A Post exploitation tool written in C# uses either CIM or WMI to query remote systems.☆201Sep 21, 2021Updated 4 years ago
- ☆32Jun 22, 2022Updated 3 years ago
- Outlook persistence using VSTO add-ins☆87Jan 9, 2021Updated 5 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆59Nov 21, 2024Updated last year
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year