trustedsec / inProc_Evade_Get-InjectedThreadLinks
PoC code from blog
☆16Updated 5 years ago
Alternatives and similar repositories for inProc_Evade_Get-InjectedThread
Users that are interested in inProc_Evade_Get-InjectedThread are comparing it to the libraries listed below
Sorting:
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- ☆15Updated 5 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Updated 6 years ago
- ☆14Updated 5 years ago
- ☆28Updated 7 years ago
- C# code to run PIC using CreateThread☆17Updated 6 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆28Updated 5 years ago
- ☆14Updated 5 years ago
- Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.☆14Updated 7 years ago
- Simple Aggressor Scripts for Cobalt Strike☆12Updated 4 years ago
- Protect your servers with a secret header☆29Updated 5 years ago
- ☆25Updated 6 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Updated 3 years ago
- .net tool that uses WMI queries to enumerate active sessions and accounts configured to run services on remote systems☆33Updated 5 years ago
- This is a 64 bit VBA implementation of Christophe Tafani-Dereeper's original VBA code described in his blog @ https://blog.christophetd.f…☆21Updated 5 years ago
- Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…☆19Updated 9 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 3 years ago
- ☆18Updated 3 years ago
- A variation CredBandit that uses compression to reduce the size of the data that must be trasnmitted.☆19Updated 3 years ago
- ☆9Updated 4 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- Ransoblin (Ransomware Bokoblin)☆18Updated 4 years ago
- A simple injector that uses LoadLibraryA☆18Updated 5 years ago
- POC code to crash Windows Event Logger Service☆27Updated 4 years ago
- Extract all IP of a computer using DCOM without authentication (aka detect network used for administration)☆26Updated 5 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- Spin up a reverse proxy quickly on Heroku☆14Updated 4 years ago
- ☆26Updated 6 years ago
- Loads .NET Assembly Via CLR Loader☆16Updated 6 years ago