trustedsec / TCS_InjectionTechniques
☆12 Updated 11 months ago
Related projects:
- Extension functionality for the NightHawk operator client ☆26 Updated 10 months ago
- Items related to the RedELK workshop given at security conferences ☆25 Updated 11 months ago
- A third-party Gopher Assassin for the Havoc Framework. ☆44 Updated 8 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆25 Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR ☆17 Updated 7 months ago
- Working repo used to experiment with various languages as it relates to offensive security & evasion. ☆28 Updated 3 months ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10 ☆37 Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#. ☆29 Updated 10 months ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within. ☆31 Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies ☆29 Updated 2 years ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy. ☆39 Updated last year
- Generate droppers with encrypted payloads automatically. ☆53 Updated 2 years ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service ☆30 Updated 2 years ago
- Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions ☆13 Updated last year
- Bunch of BOF files ☆21 Updated 7 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document. ☆26 Updated last year
- Beacon Object File implementation of Yaxser's Backstab ☆13 Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures. ☆37 Updated 2 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro… ☆21 Updated 2 years ago
- Example of using Sleep to create better named pipes. ☆41 Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post ☆22 Updated 2 years ago
- A python port of CCob's ThreadlessInject ☆26 Updated last year
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads. ☆37 Updated 3 years ago
- ShootCutMe an .LNK file creator tool for redteamer ☆14 Updated last year
- .NET port of Leron Gray's azbelt tool. ☆26 Updated 11 months ago
- Another AMSI bypass - but in C++. ☆25 Updated last year
- Grab unsaved Notepad contents with a Beacon Object File ☆10 Updated 2 years ago
- Red Team Operation's Defense Evasion Technique. ☆50 Updated 3 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆30 Updated 10 months ago