sliverarmory / nanodump
Dump LSASS like you mean it
☆11Updated 7 months ago
Alternatives and similar repositories for nanodump:
Users that are interested in nanodump are comparing it to the libraries listed below
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆34Updated 4 years ago
- A little implant which SSH's back with a shell☆36Updated 3 years ago
- Perform Windows domain enumeration via LDAP☆36Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆26Updated 2 years ago
- Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV☆26Updated 2 years ago
- Working repo used to experiment with various languages as it relates to offensive security & evasion.☆31Updated 9 months ago
- C# implementation of Shellcode delivery techniques using PInvoke and DInvoke variations for API calling.☆35Updated 3 years ago
- A script that greps composite key-like strings from a KeePassXC process dump, then uses a customized version of pykeepass library to unlo…☆32Updated 2 years ago
- Simple HTTP async comms using standard GET/POST requests☆32Updated 3 weeks ago
- A cloud automation system for Red Teams based on Terraform and Ansible☆24Updated 3 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆43Updated 3 years ago
- ☆27Updated 4 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆85Updated 2 years ago
- OSED Practice binary☆24Updated last year
- Remotely dump NT hashes through Windows Crash dumps☆26Updated 5 months ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆54Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- ☆23Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- A simple BOF implementation of klist using Windows API☆30Updated 2 years ago
- Multi-threaded C2 framework built in Flask with keylogger - from the Offensive C# Course by Naga Sai Nikhil☆21Updated 2 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Updated 3 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆31Updated last year
- Small POC for process ghosting☆39Updated 3 years ago
- Arbitrary File Delete in Windows Installer before 10.0.19045.2193☆29Updated 2 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 2 years ago
- IOXIDResolver from AirBus Security/PingCastle☆47Updated 4 years ago
- Some Cyber Security related scripts☆18Updated last year