Alternatives and similar repositories for ArbitraryDirectoryDeletion

Users that are interested in ArbitraryDirectoryDeletion are comparing it to the libraries listed below

• SamuelTulach / GetDeviceInterfacesMemoryLeak

  View on GitHub
  Small memory leak PoC that is happening in IopGetDeviceInterfaces
  ☆25Oct 18, 2020Updated 5 years ago
• thesecretclub / window_hijack

  View on GitHub
  Rendering on external windows via hijacking thread contexts
  ☆404Jun 28, 2020Updated 5 years ago
• ionescu007 / faxhell

  View on GitHub
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆330May 3, 2020Updated 5 years ago
• audibleblink / davil

  View on GitHub
  leaking net-ntlm with webdav
  ☆26Feb 23, 2021Updated 4 years ago
• codewhitesec / SysmonEnte

  View on GitHub
  ☆78Oct 18, 2022Updated 3 years ago
• hasherezade / module_overloading

  View on GitHub
  A more stealthy variant of "DLL hollowing"
  ☆363Mar 8, 2024Updated last year
• checkymander / Carbuncle

  View on GitHub
  Tool for interacting with outlook interop during red team engagements
  ☆146Jun 29, 2021Updated 4 years ago
• leoloobeek / COMRunner

  View on GitHub
  A simple COM server which provides a component to run shellcode
  ☆149May 12, 2020Updated 5 years ago
• binbibi / libedge

  View on GitHub
  Microsoft Edge Microsoft Edge主页算法
  ☆20Apr 15, 2019Updated 6 years ago
• hlldz / APC-PPID

  View on GitHub
  Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.
  ☆158Jun 10, 2019Updated 6 years ago
• vletoux / OxidBindings

  View on GitHub
  Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)
  ☆26Apr 13, 2020Updated 5 years ago
• itm4n / UsoDllLoader

  View on GitHub
  Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
  ☆402Jun 6, 2020Updated 5 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• dr4k0nia / MurkyStrings

  View on GitHub
  A string obfuscator for .NET apps, built to evade static string analysis.
  ☆111Jan 3, 2023Updated 3 years ago
• repnz / autochk-rootkit

  View on GitHub
  Reverse engineered source code of the autochk rootkit
  ☆208Nov 1, 2019Updated 6 years ago
• waleedassar / SyscallNumberFinder

  View on GitHub
  ☆33Sep 24, 2021Updated 4 years ago
• RedSection / OffensivePH

  View on GitHub
  OffensivePH - use old Process Hacker driver to bypass several user-mode access controls
  ☆334Oct 9, 2021Updated 4 years ago
• Barbarisch / forkatz

  View on GitHub
  credential dump using foreshaw technique using SeTrustedCredmanAccessPrivilege
  ☆123May 22, 2021Updated 4 years ago
• GoSecure / WSuspicious

  View on GitHub
  WSuspicious - A tool to abuse insecure WSUS connections for privilege escalations
  ☆372Oct 30, 2020Updated 5 years ago
• passthehashbrowns / hiding-your-syscalls

  View on GitHub
  Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…
  ☆218Feb 20, 2023Updated 2 years ago
• klezVirus / DCKFinder

  View on GitHub
  Dangling COM Keys Finder
  ☆17Nov 16, 2021Updated 4 years ago
• rbmm / SDD2

  View on GitHub
  Self delete DLL (2)
  ☆14Feb 15, 2024Updated 2 years ago
• bharadwajyas / ppdump-public

  View on GitHub
  Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
  ☆25Mar 26, 2020Updated 5 years ago
• alfarom256 / UserVAtoPhysical

  View on GitHub
  Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address
  ☆23Nov 22, 2021Updated 4 years ago
• mdsecactivebreach / DragonCastle

  View on GitHub
  A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.
  ☆301Oct 26, 2022Updated 3 years ago
• Signal-Labs / NtdllUnpatcher

  View on GitHub
  Example code for EDR bypassing
  ☆151Mar 7, 2019Updated 6 years ago
• 0xcpu / winsmsd

  View on GitHub
  Windows (ShadowMove) Socket Duplication
  ☆87Apr 19, 2020Updated 5 years ago
• jthuraisamy / TelemetrySourcerer

  View on GitHub
  Enumerate and disable common sources of telemetry used by AV/EDR.
  ☆819Mar 11, 2021Updated 4 years ago
• Lima-X / XOrCryptEx

  View on GitHub
  XOrCryptEx lightweight C Utility/Algorithm
  ☆11Mar 3, 2022Updated 3 years ago
• crypt0p3g / bof-collection

  View on GitHub
  Collection of Beacon Object Files (BOF) for Cobalt Strike
  ☆186Dec 5, 2022Updated 3 years ago
• Ridter / pyForgeCert

  View on GitHub
  pyForgeCert is a Python equivalent of the ForgeCert.
  ☆69Aug 15, 2023Updated 2 years ago
• aaaddress1 / knownDlls_Poison

  View on GitHub
  ☆26Dec 29, 2021Updated 4 years ago
• alfarom256 / BOF-ForeignLsass

  View on GitHub
  ☆101Aug 23, 2021Updated 4 years ago
• rtyuiow / vmware-backdoor

  View on GitHub
  vmware-backdoor
  ☆33Jul 11, 2021Updated 4 years ago
• bats3c / EvtMute

  View on GitHub
  Apply a filter to the events being reported by windows event logging
  ☆264Apr 24, 2021Updated 4 years ago
• jacob-baines / concealed_position

  View on GitHub
  Bring your own print driver privilege escalation tool
  ☆259Aug 5, 2021Updated 4 years ago
• sailay1996 / WerTrigger

  View on GitHub
  Weaponizing for privileged file writes bugs with windows problem reporting
  ☆244May 10, 2022Updated 3 years ago
• aaaddress1 / wowInjector

  View on GitHub
  PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)
  ☆167May 27, 2021Updated 4 years ago
• djhohnstein / TSMSISrv_poc

  View on GitHub
  C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll
  ☆62Apr 18, 2019Updated 6 years ago