Tool designed to exfiltrate OneDrive Business OCR Data
☆125Jan 27, 2025Updated last year
Alternatives and similar repositories for OCRMe
Users that are interested in OCRMe are comparing it to the libraries listed below
Sorting:
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- a tiny program to consume from ETW providers for research☆54Jan 4, 2025Updated last year
- BypassIT is a framework for covert malware delivery and post-exploitation using AutoIT for red / blue team self assessment.☆45Jul 6, 2025Updated 7 months ago
- ☆146Nov 6, 2025Updated 3 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆63Apr 2, 2025Updated 10 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- Rainbow table generation & lookup tools.☆31Dec 17, 2025Updated 2 months ago
- Nameless C2 - A C2 with all its components written in Rust☆283Sep 26, 2024Updated last year
- ☆12Feb 4, 2025Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- Internal Monologue BOF☆79Dec 28, 2024Updated last year
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆231Feb 12, 2025Updated last year
- pysnaffler☆110Jan 6, 2026Updated last month
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆185Jan 17, 2026Updated last month
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆340Oct 7, 2024Updated last year
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆45Aug 16, 2024Updated last year
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- ☆26Feb 11, 2025Updated last year
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 2 months ago
- ☆274Jan 14, 2023Updated 3 years ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆537May 9, 2025Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- Shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆137Dec 22, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆281Sep 18, 2024Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆168May 30, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Shellcode loader☆101Nov 24, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Adversary Emulation Framework☆129Jul 1, 2025Updated 7 months ago
- ☆31Feb 28, 2025Updated 11 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Simple reverse ICMP shell☆14Apr 30, 2024Updated last year
- A secure sandbox environment for malware developers and red teamers to test payloads against detection mechanisms before deployment. Inte…☆1,311Nov 12, 2025Updated 3 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- Azure Post Exploitation Framework☆244Oct 27, 2025Updated 4 months ago