trustedsec / inProc_Evade_Get-InjectedThread
PoC code from blog
☆16Updated 5 years ago
Alternatives and similar repositories for inProc_Evade_Get-InjectedThread:
Users that are interested in inProc_Evade_Get-InjectedThread are comparing it to the libraries listed below
- Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials☆20Updated 4 years ago
- C# code to run PIC using CreateThread☆17Updated 5 years ago
- ☆28Updated 7 years ago
- ☆14Updated 4 years ago
- ☆14Updated 5 years ago
- Ransoblin (Ransomware Bokoblin)☆17Updated 4 years ago
- Retrieve the IIS Application Pool Credentials. Relies on the WebAdministration PowerShell Module.☆14Updated 7 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Updated 3 years ago
- Protect your servers with a secret header☆29Updated 4 years ago
- ☆25Updated 6 years ago
- Extended Process List (Search functionality)☆29Updated 4 years ago
- D/Invoke port of UrbanBishop☆29Updated 4 years ago
- RID Hijacking Proof of Concept script by Kevin Joyce☆15Updated 6 years ago
- Source code in Win32 ASM and C for a shellcode execution wrapper designed to mitigate the risk of shellcode execution on a host other tha…☆19Updated 8 years ago
- Walking the PEB in VBA☆22Updated 4 years ago
- A tool to sync mythic events with ghostwriter oplog.☆12Updated 4 months ago
- ☆9Updated 4 years ago
- ☆37Updated 3 years ago
- ☆13Updated 3 years ago
- ☆26Updated 6 years ago
- Apply a filter to the events being reported by windows event logging☆15Updated 4 years ago
- Convert Empire profiles to Apache mod_rewrite scripts☆27Updated 5 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Updated 4 years ago
- Python script to patch the reflective stub in a DLL☆24Updated 7 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆14Updated 3 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆12Updated 3 years ago
- ☆14Updated 5 years ago
- ☆18Updated 4 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆51Updated 6 years ago