sensepost / mydumbedr
☆101Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for mydumbedr
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆145Updated 10 months ago
- Do some DLL SideLoading magic☆74Updated last year
- POC for frustrating/defeating Malware Analysts☆149Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆114Updated 5 months ago
- Find DLLs with RWX section☆75Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆134Updated 5 months ago
- Tool for playing with Windows Access Token manipulation.☆51Updated last year
- Construct the payload at runtime using an array of offsets☆58Updated 4 months ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆84Updated last year
- ☆73Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆138Updated 3 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- Simple BOF to read the protection level of a process☆104Updated last year
- Slide decks and/or materials from conference presentations☆54Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆80Updated 4 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆83Updated 4 months ago
- ☆142Updated last year
- Identify and exploit leaked handles for local privilege escalation.☆105Updated last year
- ☆133Updated last year
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆108Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆173Updated last year
- ☆116Updated 2 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- Living Off the Foreign Land setup scripts☆62Updated 2 weeks ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆101Updated last year