usdAG / SharpLinkLinks
Create file system symbolic links from low privileged user accounts within PowerShell
☆93Updated 3 years ago
Alternatives and similar repositories for SharpLink
Users that are interested in SharpLink are comparing it to the libraries listed below
Sorting:
- ☆39Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆142Updated last year
- Managed code hooking template.☆131Updated 3 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆124Updated 2 years ago
- A C# port of the MinHook API hooking library☆55Updated 2 years ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Offensive tool for fileless lateral movement on Windows networks☆25Updated last year
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆144Updated 3 years ago
- Implant drop-in for EDR testing☆139Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆84Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆63Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆189Updated 5 years ago
- Simple APPLocker bypass summary☆42Updated 6 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆103Updated 3 years ago
- A fake AMSI Provider which can be used for persistence.☆151Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆96Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 9 months ago
- code for the Proxy DLL example blog post☆61Updated 3 years ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆107Updated 2 years ago
- D/Invoke port of UrbanBishop☆107Updated 4 years ago
- D/Invoke implementation in Nim☆101Updated 3 years ago
- Overwrite a process's recovery callback and execute with WER☆103Updated 3 years ago
- ☆82Updated 10 months ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago
- ☆146Updated 2 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Updated 4 years ago
- ☆88Updated 2 years ago