sensepost / mydumbedr
☆113Updated last year
Alternatives and similar repositories for mydumbedr:
Users that are interested in mydumbedr are comparing it to the libraries listed below
- ☆148Updated 3 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆111Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- POC for frustrating/defeating Malware Analysts☆153Updated 2 years ago
- Adversary Emulation Framework☆91Updated 7 months ago
- Do some DLL SideLoading magic☆79Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆111Updated 10 months ago
- Finding secrets in kernel and user memory☆115Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆194Updated 9 months ago
- ☆142Updated 7 months ago
- Construct the payload at runtime using an array of offsets☆62Updated 8 months ago
- Find DLLs with RWX section☆76Updated last year
- ☆134Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆116Updated 9 months ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆118Updated 8 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆118Updated this week
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 8 months ago
- A Mythic Agent written in PIC C.☆175Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 7 months ago
- Your syscall factory☆120Updated last week
- ☆108Updated 3 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆145Updated 10 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆202Updated 2 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆182Updated 3 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆90Updated last year
- ☆148Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆98Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆90Updated 2 years ago