☆58Apr 30, 2025Updated 10 months ago
Alternatives and similar repositories for LSASS-Forked-Dump---Bypass-EDR-CrowdStrike
Users that are interested in LSASS-Forked-Dump---Bypass-EDR-CrowdStrike are comparing it to the libraries listed below
Sorting:
- AppLocker-Based EDR Neutralization☆323Dec 19, 2025Updated 2 months ago
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Nim Shellcode Injector☆15Jan 24, 2021Updated 5 years ago
- Adjusted version of the impacket-dcomexec script to work against Windows 10☆17Oct 13, 2025Updated 4 months ago
- A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re…☆62Jul 29, 2025Updated 7 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- Enumerate active EDR's on the system☆152Sep 23, 2025Updated 5 months ago
- This C# tool sprays for admin access over the entire domain☆88Dec 7, 2025Updated 3 months ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆225Nov 23, 2023Updated 2 years ago
- Evasive loader to bypass static detection☆60Jan 15, 2024Updated 2 years ago
- ☆49Oct 14, 2025Updated 4 months ago
- A lightweight Python HTTP server with fuzzy filename matching and automatic fallback to directory listing.☆13Aug 28, 2025Updated 6 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- this repo contains all nuclei templates for particular vulnerability that i used mosty while hunting..☆10Aug 15, 2024Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- ☆51May 4, 2025Updated 10 months ago
- ☆18Jan 12, 2026Updated last month
- A python script that automates a C2 Profile build☆48Dec 14, 2025Updated 2 months ago
- Compiled Binaries for Sharp Suite☆15Dec 28, 2019Updated 6 years ago
- Ghosting-AMSI☆225Apr 24, 2025Updated 10 months ago
- Assess the security of your Active Directory with few or all privileges.☆346Updated this week
- ☆53Sep 23, 2025Updated 5 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- A set of tools and exploits to cause DoS for remote Windows Server & Windows 11 machines☆32Feb 9, 2026Updated last month
- PEN-300 collection to help you on your exam.☆13Apr 19, 2022Updated 3 years ago
- custom impacket mssqlclient☆26Sep 16, 2023Updated 2 years ago
- DEFCON 33 Workshop - Open Source Malware 101 - Everything you always wanted to know about npm malware (and more)☆15Aug 8, 2025Updated 7 months ago
- Web File Manager☆11Aug 21, 2025Updated 6 months ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 4 months ago
- Early cascade injection PoC based on Outflanks blog post written in Rust☆68Dec 26, 2025Updated 2 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆270Jun 18, 2025Updated 8 months ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy …☆24Feb 24, 2026Updated last week
- Google Dork Scanner for Google Chrome Extension☆17May 10, 2025Updated 9 months ago
- Windows Privilege Escalation☆18Jun 11, 2022Updated 3 years ago
- MalwareScan is a lightweight and fast malware scanner written in Python. It supports both Windows and Linux platforms and provides an ope…☆13Jun 2, 2025Updated 9 months ago
- Harness to issue Virtual Secure Mode (VSM) "secure calls" from VTL 0 to VTL 1☆77Sep 8, 2025Updated 6 months ago
- Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.☆182Dec 23, 2025Updated 2 months ago
- Admin Directory Finder is a tool designed to scan and identify directories under admin paths, such as admin/dashboard.php. It helps in se…☆33Aug 31, 2025Updated 6 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year