A repository of some of my Windows 10 Device Guard Bypasses
☆139Aug 3, 2017Updated 8 years ago
Alternatives and similar repositories for DeviceGuardBypasses
Users that are interested in DeviceGuardBypasses are comparing it to the libraries listed below
Sorting:
- A set of demos and a PowerShell module to interact with DotNetInterop.☆69Apr 7, 2018Updated 7 years ago
- Post-explotation Hacks☆14Jan 6, 2019Updated 7 years ago
- Simple library to spray the Windows Kernel Pool☆110Jan 6, 2020Updated 6 years ago
- ☆14Jan 10, 2017Updated 9 years ago
- In case you didn't now how to restore the user password after a password reset (get the previous hash with DCSync)☆169Jun 8, 2017Updated 8 years ago
- Some sample code from my Zero Nights 2017 presentation.☆60Nov 19, 2017Updated 8 years ago
- Notes my learning steps about Windows-NT☆23May 18, 2017Updated 8 years ago
- ☆234Sep 10, 2017Updated 8 years ago
- C# Targeted Attack Reconnissance Tools☆120Jan 11, 2021Updated 5 years ago
- Implementation of the .NET Profiler DLL hijack in C#☆98Dec 14, 2018Updated 7 years ago
- analyze the content of the pe file on windows, and shell(pack) function for windows drivers.☆11Nov 9, 2018Updated 7 years ago
- Class implementation of PowerLoader injection technique☆32Dec 23, 2016Updated 9 years ago
- PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.☆152Jun 3, 2019Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- SharpShell is a proof-of-concept offensive C# scripting engine that utilizes the Rosyln C# compiler to quickly cross-compile .NET Framew…☆128Dec 11, 2018Updated 7 years ago
- CANAPE Network Testing Tool☆34Sep 25, 2018Updated 7 years ago
- Anti-AV compilation☆44Oct 4, 2013Updated 12 years ago
- This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System f…☆285May 14, 2020Updated 5 years ago
- Exploit WinIo - Vidix and Run Shellcode in Windows Kerne ( local Privilege escalation )☆28Aug 30, 2015Updated 10 years ago
- Powershell Persistence Locator☆67Sep 11, 2016Updated 9 years ago
- Use CLR to inject all the .NET apps☆185Apr 17, 2021Updated 4 years ago
- A collection of PowerShell Modules for BloodHound/Empire Orchestration☆110Sep 26, 2017Updated 8 years ago
- Obtain remote process cookies by performing a brute-force attack on ntdll.RtlDecodePointer using known pointer encodings.☆23May 31, 2017Updated 8 years ago
- WIP - Play with Intel VM Extensions☆23Jun 12, 2017Updated 8 years ago
- PCAUSA Rawether for Windows Local Privilege Escalation☆39Mar 15, 2017Updated 9 years ago
- Constrained Language Mode + AMSI bypass all in one☆156Jul 29, 2019Updated 6 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆101Jan 7, 2018Updated 8 years ago
- A JavaScript and VBScript Based Empire Launcher, which runs within their own embedded PowerShell Host.☆321Jun 5, 2017Updated 8 years ago
- A tool to exploit .NET Remoting Services☆534Jul 31, 2024Updated last year
- ☆208May 1, 2020Updated 5 years ago
- it's a simple LKM rootkit.☆12Aug 2, 2016Updated 9 years ago
- WMI Event Subscription Persistence in C#☆112May 29, 2019Updated 6 years ago
- CobaltStrike External C2 for Websockets☆197Jul 16, 2019Updated 6 years ago
- CScriptShell, a Powershell Host running within cscript.exe☆163Apr 11, 2017Updated 8 years ago
- PE32 binary + W32 payload☆11Jul 23, 2017Updated 8 years ago
- PSAmsi is a tool for auditing and defeating AMSI signatures.☆398Apr 22, 2018Updated 7 years ago
- Sample use cases of the .NET native code hooking technique☆218Feb 9, 2018Updated 8 years ago
- ☆229May 10, 2018Updated 7 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆117May 23, 2019Updated 6 years ago