Golang PoC that sandboxes Defender (or other PPL) by setting its token integrity to Untrusted.
☆12May 28, 2025Updated 9 months ago
Alternatives and similar repositories for SandboxPPL
Users that are interested in SandboxPPL are comparing it to the libraries listed below
Sorting:
- Dump Lsass Memory Using a Reflective Dll☆14Feb 4, 2022Updated 4 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Apr 21, 2021Updated 4 years ago
- Community Eventing and Scripting examples☆18Aug 11, 2025Updated 6 months ago
- ☆23Mar 9, 2022Updated 3 years ago
- Cheat sheets☆10Jul 4, 2016Updated 9 years ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 3 months ago
- A cmake template for crystal palace☆39Dec 20, 2025Updated 2 months ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 5 years ago
- Slightly modified version of https://raw.githubusercontent.com/killswitch-GUI/CobaltStrike-ToolKit/master/HTTPsC2DoneRight.sh☆12Nov 16, 2017Updated 8 years ago
- Ansible role to configure redirectors for red team C2☆30Nov 12, 2018Updated 7 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- Burp extension for automated handling of CSRF tokens☆16Feb 27, 2018Updated 8 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024☆16Sep 12, 2024Updated last year
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Finding SSL Blindspots for Red Teams☆34Jul 28, 2020Updated 5 years ago
- ☆18Sep 14, 2023Updated 2 years ago
- String or worldlist encoder for use in fuzzing or web application testing☆19Sep 2, 2019Updated 6 years ago
- Tool to perform lateral movement between AAD joined devices☆65Jun 8, 2022Updated 3 years ago
- RDP Checker☆64Feb 23, 2024Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- EmPyre Web Interface☆12Mar 23, 2017Updated 8 years ago
- BasicEventViewer4 (BEV v4.0), this code will useful for All Blue/Purple Teams , RealTime Monitoring Sysmon Events , Mitre Attack Detectio…☆19Jun 22, 2023Updated 2 years ago
- Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources☆13Jun 24, 2018Updated 7 years ago
- HoneyZure is a honeypot tool specifically designed for Azure environments, fully provisioned through Terraform. It leverages a Log Analyt…☆17Jun 11, 2024Updated last year
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- Tradecraft Development Fundamentals☆40Aug 6, 2021Updated 4 years ago
- ☆101Aug 23, 2021Updated 4 years ago
- Experimenting with destructive file attacks in Go☆19May 20, 2019Updated 6 years ago
- Modified version of PEAS client for offensive operations☆16Mar 8, 2021Updated 4 years ago
- Dump LSASS process in Task Manager without triggering Defender.☆18Apr 6, 2023Updated 2 years ago
- Simple .NET assembly to interact with services.☆43Sep 27, 2019Updated 6 years ago
- Research into COM☆19Jan 25, 2020Updated 6 years ago
- Ntdll Unhooking POC☆19Aug 12, 2022Updated 3 years ago
- Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.☆19Jun 12, 2022Updated 3 years ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆21Dec 15, 2024Updated last year
- Tool to aid in dumping LSASS process remotely☆42Sep 23, 2025Updated 5 months ago