snovvcrash / MirrorDump
Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in memory
☆102Updated 2 years ago
Alternatives and similar repositories for MirrorDump:
Users that are interested in MirrorDump are comparing it to the libraries listed below
- Pass the Hash to a named pipe for token Impersonation☆140Updated 3 years ago
- DLL Hijack Search Order Enumeration BOF☆146Updated 3 years ago
- POC tools for exploring SMB over QUIC protocol☆121Updated 2 years ago
- Collection of CobaltStrike beacon object files☆102Updated 3 years ago
- ☆88Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆98Updated 3 years ago
- Checks for signature requirements over LDAP☆96Updated 2 years ago
- credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege☆122Updated 3 years ago
- ☆139Updated 2 years ago
- MSBuild without MSbuild.exe☆129Updated 4 years ago
- AV/EDR evasion via direct system calls.☆107Updated last year
- Tool for interacting with outlook interop during red team engagements☆143Updated 3 years ago
- Cobalt Strike Beacon Object Files☆160Updated 2 years ago
- .NET project for installing Persistence☆64Updated 3 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆226Updated 3 years ago
- Proof of Concept Utilities Developed to Research NTLM Relaying Attacks Targeting ADFS☆176Updated 2 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆181Updated 2 years ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆54Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆139Updated 3 years ago
- UI for creating LNKs☆97Updated 3 years ago
- Collection of Beacon Object Files (BOFs) for shells and lols☆114Updated 3 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- C# version of Powermad☆160Updated last year
- Coerce Windows machines auth via MS-EVEN☆157Updated last year
- Convert Cobalt Strike profiles to IIS web.config files☆112Updated 3 years ago
- A fake AMSI Provider which can be used for persistence.☆147Updated 3 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆106Updated 3 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆122Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆101Updated 2 years ago
- ☆55Updated 3 years ago