A repository of some of my Windows 10 Device Guard Bypasses
☆139Aug 3, 2017Updated 8 years ago
Alternatives and similar repositories for DeviceGuardBypasses
Users that are interested in DeviceGuardBypasses are comparing it to the libraries listed below
Sorting:
- A set of demos and a PowerShell module to interact with DotNetInterop.☆69Apr 7, 2018Updated 7 years ago
- Post-explotation Hacks☆14Jan 6, 2019Updated 7 years ago
- Simple library to spray the Windows Kernel Pool☆110Jan 6, 2020Updated 6 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆168Jun 8, 2017Updated 8 years ago
- Class implementation of PowerLoader injection technique☆32Dec 23, 2016Updated 9 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago
- analyze the content of the pe file on windows, and shell(pack) function for windows drivers.☆11Nov 9, 2018Updated 7 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆109Sep 26, 2017Updated 8 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- Constrained Language Mode + AMSI bypass all in one☆157Jul 29, 2019Updated 6 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago
- SharpShell is a proof-of-concept offensive C# scripting engine that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framew…☆128Dec 11, 2018Updated 7 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆39Mar 15, 2017Updated 8 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- Powershell Persistence Locator☆66Sep 11, 2016Updated 9 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆22May 31, 2017Updated 8 years ago
- WIP - Play with Intel VM Extensions☆23Jun 12, 2017Updated 8 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- ☆208May 1, 2020Updated 5 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆101Jan 7, 2018Updated 8 years ago
- ☆234Sep 10, 2017Updated 8 years ago
- ☆229May 10, 2018Updated 7 years ago
- WMI Event Subscription Persistence in C#☆112May 29, 2019Updated 6 years ago
- External C2 Using IE COM Objects☆101Feb 24, 2019Updated 7 years ago
- Various C# projects for offensive security☆111Nov 14, 2019Updated 6 years ago
- Module to provide PowerShell functions that abstract Win32 API functions☆250Jun 6, 2024Updated last year
- Some sample code from my Zero Nights 2017 presentation.☆60Nov 19, 2017Updated 8 years ago
- Collection of C# scripts☆341Feb 8, 2017Updated 9 years ago
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆285May 14, 2020Updated 5 years ago
- Use CLR to inject all the .NET apps☆184Apr 17, 2021Updated 4 years ago
- Sample use cases of the .NET native code hooking technique☆218Feb 9, 2018Updated 8 years ago
- it's a simple LKM rootkit.☆12Aug 2, 2016Updated 9 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆162Apr 11, 2017Updated 8 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆231May 30, 2019Updated 6 years ago
- Forward local or remote tcp ports through SMB pipes.☆296Mar 7, 2021Updated 4 years ago
- Anti-AV compilation☆44Oct 4, 2013Updated 12 years ago