ustayready / CasperStagerLinks
PoC for persisting .NET payloads in Windows Notification Facility (WNF) state names using low-level Windows Kernel API calls.
☆151Updated 6 years ago
Alternatives and similar repositories for CasperStager
Users that are interested in CasperStager are comparing it to the libraries listed below
Sorting:
- A repository of some of my Windows 10 Device Guard Bypasses☆137Updated 7 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication☆129Updated 8 years ago
- Tool for injecting a "TCP Relay" managed assembly into unmanaged processes☆116Updated 6 years ago
- ☆229Updated 7 years ago
- A tool to exploit .NET DCOM for EoP and RCE. Is fixed in latest versions of the .NET.☆91Updated 10 years ago
- Reflective Polymorphism☆104Updated 6 years ago
- PoC for Privilege Escalation in Windows 10 Diagnostics Hub Standard Collector Service☆109Updated 6 years ago
- FLARE Kernel Shellcode Loader☆178Updated 6 years ago
- ☆216Updated 7 years ago
- Sandbox escape using WinHTTP Web Proxy Auto-Discovery Service☆85Updated 5 years ago
- A proof-of-concept subject interface package (SIP) used to demonstrate digital signature subversion attacks.☆96Updated 7 years ago
- UAC Bypass with mmc via alpc☆156Updated 6 years ago
- ☆141Updated 8 years ago
- VBS Reversed TCP Meterpreter Stager☆87Updated 8 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process.☆158Updated 5 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET☆146Updated 5 years ago
- PoC dlls for Task Scheduler COM Hijacking☆94Updated 8 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆74Updated 5 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆229Updated 6 years ago
- A proof of concept for dynamically loading .net assemblies at runtime with only a minimal convention pre-knowledge☆162Updated 6 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Updated 4 years ago
- Pazuzu: Reflective DLL to run binaries from memory☆216Updated 4 years ago
- Process reimaging proof of concept code☆96Updated 5 years ago
- NCC Group's analysis and exploitation of CVE-2017-8759 along with further refinements☆96Updated 7 years ago
- Driver Initial Reconnaissance Tool☆123Updated 5 years ago
- A tool to run .Net DLLs from the command line☆102Updated 6 years ago
- Windows Stagers to circumvent restrictive network environments☆66Updated 8 months ago
- CACTUSTORCH: Payload Generation for Adversary Simulations☆76Updated 6 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 4 years ago
- A Generic Windows Memory Scraping Tool☆71Updated 8 years ago