sensepost / mydumbedr
☆105Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for mydumbedr
- POC for frustrating/defeating Malware Analysts☆150Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆145Updated 11 months ago
- ☆126Updated 3 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆80Updated 4 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- Find DLLs with RWX section☆75Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆104Updated 6 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆146Updated 3 weeks ago
- Example code samples from our ScriptBlock Smuggling Blog post☆83Updated 5 months ago
- ☆73Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆174Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆135Updated 6 months ago
- ☆142Updated last year
- Living Off the Foreign Land setup scripts☆63Updated 3 weeks ago
- ☆175Updated 11 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆190Updated 5 months ago
- ☆112Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- Do some DLL SideLoading magic☆75Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆90Updated 10 months ago
- Lateral Movement via the .NET Profiler☆76Updated 5 months ago
- Local & remote Windows DLL Proxying☆161Updated 5 months ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆113Updated 4 months ago
- Tool for playing with Windows Access Token manipulation.☆52Updated last year
- ☆133Updated last year
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆108Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆114Updated 5 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year