wolfcod / lsassdump
lsassdump via RtlCreateProcessReflection and NanoDump
☆73Updated last month
Related projects ⓘ
Alternatives and complementary repositories for lsassdump
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 9 months ago
- ☆87Updated 2 months ago
- Lateral Movement via the .NET Profiler☆76Updated 5 months ago
- stack spoofing☆53Updated this week
- ☆79Updated 6 months ago
- ☆28Updated 5 months ago
- ☆96Updated last year
- BOF for C2 framework☆40Updated last week
- ☆103Updated 6 months ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆37Updated 10 months ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated last month
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- ☆59Updated 3 months ago
- TypeLib persistence technique☆75Updated 3 weeks ago
- Threadless shellcode injection tool☆60Updated 3 months ago
- Click Once + App Domain☆62Updated 11 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆72Updated 9 months ago
- Construct the payload at runtime using an array of offsets☆58Updated 5 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆57Updated 8 months ago
- Python tool to interact with WMI StdRegProv☆43Updated this week
- ☆83Updated 6 months ago
- ☆20Updated 3 months ago
- Simple BOF to read the protection level of a process☆104Updated last year
- ☆122Updated 11 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆95Updated last year
- Rewrite to fit my needs☆26Updated 4 months ago
- ☆78Updated 7 months ago