usdAG / SharpLinkLinks
Create file system symbolic links from low privileged user accounts within PowerShell
☆93Updated 2 years ago
Alternatives and similar repositories for SharpLink
Users that are interested in SharpLink are comparing it to the libraries listed below
Sorting:
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆124Updated 2 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- ☆39Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆142Updated last year
- Offensive tool for fileless lateral movement on Windows networks☆25Updated last year
- A fake AMSI Provider which can be used for persistence.☆150Updated 4 years ago
- Managed code hooking template.☆131Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆103Updated 3 years ago
- A C# port of the MinHook API hooking library☆55Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- ☆88Updated 2 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 8 months ago
- Implant drop-in for EDR testing☆139Updated last year
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆105Updated 2 years ago
- ☆88Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆83Updated 2 years ago
- ☆146Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆95Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- ☆75Updated 2 years ago
- Execute PowerShell code at the antimalware-light protection level.☆141Updated 2 years ago
- Find DLLs with RWX section☆81Updated last year
- ☆58Updated 3 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆90Updated 2 years ago
- D/Invoke implementation in Nim☆101Updated 2 years ago
- C# implementation of the token privilege removal flaw discovered by @GabrielLandau/Elastic☆143Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆53Updated 5 years ago
- Investigation about ACL abusing for Active Directory Certificate Services (AD CS)☆122Updated 3 years ago