wietze / windows-dll-env-hijacking
Project for identifying executables and DLLs vulnerable to environment-variable based DLL hijacking.
☆57Updated 2 years ago
Alternatives and similar repositories for windows-dll-env-hijacking:
Users that are interested in windows-dll-env-hijacking are comparing it to the libraries listed below
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆134Updated 7 months ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆149Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- Identify and exploit leaked handles for local privilege escalation.☆106Updated last year
- ☆88Updated 2 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆127Updated 2 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆85Updated 2 years ago
- Find .net assemblies locally☆111Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆81Updated 2 years ago
- C# havoc implant☆99Updated 2 years ago
- Lateral Movement via the .NET Profiler☆81Updated 5 months ago
- Offensive tool for fileless lateral movement on Windows networks☆25Updated 11 months ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆91Updated 2 years ago
- Find DLLs with RWX section☆79Updated last year
- Weaponized HellsGate/SigFlip☆199Updated last year
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆106Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆86Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆104Updated 2 years ago
- POC tools for exploring SMB over QUIC protocol☆122Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆146Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆71Updated last month
- A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.☆62Updated last year
- ☆140Updated last year
- ☆122Updated last year
- ☆181Updated last year
- ShellcodeFluctuation PoC ported to Nim☆76Updated 2 years ago
- Implant drop-in for EDR testing☆138Updated last year