sinfulz / JustGetDA
JustGetDA, a cheat sheet which will aid you through internal network & red team engagements.
☆12Updated last year
Related projects ⓘ
Alternatives and complementary repositories for JustGetDA
- Unchain AMSI by patching the provider’s unmonitored memory space☆88Updated last year
- This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.☆10Updated last year
- Items related to the RedELK workshop given at security conferences☆27Updated last year
- ☆59Updated 3 months ago
- HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation☆15Updated 4 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago
- Just another ntdll unhooking using Parun's Fart technique☆72Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated 5 months ago
- Determine if the WebClient Service (WebDAV) is running on a remote system☆16Updated 8 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- ☆37Updated 3 weeks ago
- ☆46Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆38Updated 10 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆81Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 6 months ago
- in-process powershell runner for BRC4☆37Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆17Updated last year
- ☆15Updated last month
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated 10 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆38Updated last year
- Reasonably undetected shellcode stager and executer.☆35Updated 2 months ago
- A care package of useful bofs for red team engagments☆48Updated 2 years ago
- ☆26Updated 3 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- ☆58Updated 11 months ago
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆13Updated 2 years ago