shantanu561993 / ParentProcessIDSpoof
Spoof parent process ID
☆13Updated 5 years ago
Related projects ⓘ
Alternatives and complementary repositories for ParentProcessIDSpoof
- C# code to run PIC using CreateThread☆16Updated 5 years ago
- ☆14Updated 5 years ago
- module for certexfil☆15Updated 2 years ago
- Execute Shellcode And Other Goodies From MMC☆12Updated 9 years ago
- A PowerShell script to prevent Sysmon from writing its events☆14Updated 4 years ago
- Loading and executing shellcode in C# without PInvoke.☆21Updated 2 years ago
- Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.☆13Updated 6 years ago
- ☆14Updated last year
- PoC code from blog☆16Updated 4 years ago
- A PoC to show how to add code to C# and dotNet and make it reusable for Red Team operations. Maybe one day it will be the largest collect…☆17Updated 4 years ago
- A tool to sync mythic events with ghostwriter oplog.☆12Updated 3 years ago
- A C port of b33f's UrbanBishop☆37Updated 4 years ago
- Dump Lsass Memory Using a Reflective Dll☆14Updated 2 years ago
- Ransoblin (Ransomware Bokoblin)☆17Updated 4 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆17Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- ☆14Updated 4 years ago
- ☆45Updated 3 years ago
- Spin up a reverse proxy quickly on Heroku☆13Updated 3 years ago
- ☆16Updated 5 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆12Updated last year
- ☆11Updated 5 years ago
- A PE morphing tool that allows you to mimic one executable file to another.☆11Updated 11 months ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆11Updated 2 years ago
- ☆10Updated 4 years ago