simondotsh / DirSync

Related projects: ⓘ

• NotMedic / Invoke-Nanodump
  HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection
  ☆53Updated 2 years ago
• X-C3LL / SharpNTLMRawUnHide
  C# version of NTLMRawUnHide
  ☆71Updated last year
• weaselsec / ClickOnce-AppDomain-Manager-Injection
  Click Once + App Domain
  ☆61Updated 9 months ago
• eversinc33 / SharpStartWebclient
  Programmatically start WebClient from an unprivileged session to enable that juicy privesc.
  ☆60Updated last year
• xct / adopt
  Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.
  ☆12Updated 2 years ago
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆47Updated last year
• williamknows / BOF.NET
  A .NET Runtime for Cobalt Strike's Beacon Object Files
  ☆57Updated 8 months ago
• t94j0 / sddl_py
  Parse SDDL strings
  ☆33Updated 5 months ago
• Leo4j / KeyCredentialLink
  Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute
  ☆19Updated 3 months ago
• Wh04m1001 / DiagTrackEoP
  ☆87Updated 2 years ago
• klezVirus / SharpLdapRelayScan
  C# Port of LdapRelayScan
  ☆77Updated 2 years ago
• puzzlepeaches / NTLMRecon
  Enumerate information from NTLM authentication enabled web endpoints 🔎
  ☆34Updated last year
• netero1010 / Quser-BOF
  Cobalt Strike BOF for quser.exe implementation using Windows API
  ☆82Updated last year
• JonasBK / Powershell
  ☆25Updated last week
• deepinstinct / AMSI-Unchained
  Unchain AMSI by patching the provider’s unmonitored memory space
  ☆87Updated last year
• wotwot563 / aad_prt_bof
  ☆64Updated 5 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆74Updated 3 months ago
• improsec / CaddyStager
  ☆35Updated 2 years ago
• tothi / SharpStay
  .NET project for installing Persistence
  ☆64Updated 2 years ago
• securityandstuff / DynamicFinder
  ☆65Updated this week
• decoder-it / Troopers24
  ☆42Updated 2 months ago
• iamagarre / BadExclusionsNWBO
  BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
  ☆69Updated 7 months ago
• Wh04m1001 / PICDumper
  ☆24Updated 2 years ago
• waawaa / AMSI_Rubeus_bypass
  ☆61Updated 2 years ago
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆51Updated last year
• MaorSabag / LoaderInjector
  ☆18Updated last year
• antroguy / LocklessBof
  Lockless BOF
  ☆62Updated 7 months ago
• laxa / SharpSecretsdump
  Secretsdump C# version only supporting local (live) operation
  ☆47Updated last year
• eversinc33 / Godmode
  Tool for playing with Windows Access Token manipulation.
  ☆50Updated last year
• deh00ni / NtDumpBOF
  ☆79Updated 2 weeks ago