y00ga-sec / Forensike
Remotely dump NT hashes through Windows Crash dumps
☆34 · Oct 29, 2024 · Updated last year
Alternatives and similar repositories for Forensike
Users that are interested in Forensike are comparing it to the libraries listed below
- Attack Active Directory Trusts with a single tool ☆14 · Jan 15, 2025 · Updated last year
- Windows Service with the implementation of the Process hollowing technique to run shellcode ☆14 · Jul 20, 2023 · Updated 2 years ago
- A Patchless AMSI Bypass Technique using VEH² ☆30 · Jun 22, 2025 · Updated 7 months ago
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain. ☆19 · Apr 30, 2021 · Updated 4 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load ☆21 · Aug 26, 2020 · Updated 5 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation ☆38 · Dec 7, 2025 · Updated 2 months ago
- ☆19 · Aug 10, 2022 · Updated 3 years ago
- 32 bit process inject shellcode to 32 bit process and 64 bit process ☆35 · May 8, 2023 · Updated 2 years ago
- Tools for interacting with authentication packages using their individual message protocols ☆368 · Feb 1, 2026 · Updated 2 weeks ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes ☆108 · Mar 8, 2023 · Updated 2 years ago
- Step-by-step documentation on how to decrypt SCCM database secrets offline ☆50 · Oct 20, 2025 · Updated 3 months ago
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET) ☆60 · Apr 13, 2023 · Updated 2 years ago
- ☆28 · Sep 1, 2023 · Updated 2 years ago
- Recon scripts for Red Team and Web blackbox auditing ☆26 · Dec 29, 2025 · Updated last month
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆72 · Mar 6, 2024 · Updated last year
- Encryption/decryption tool for a certain EHR & HRM product; can be used directly with sqlmap ☆25 · Jan 14, 2024 · Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 · May 21, 2023 · Updated 2 years ago
- Three different shellcode techniques on the Windows Kernel ☆15 · Apr 8, 2025 · Updated 10 months ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja ☆11 · Jul 24, 2024 · Updated last year
- About C# loader that copies a chunk at a time of the shellcode in memory in a suspended process, rather than all at once ☆13 · Jul 14, 2022 · Updated 3 years ago
- Null-free shellcode for running calc.exe on Windows x64 ☆13 · Mar 24, 2024 · Updated last year
- A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread ☆30 · Sep 24, 2025 · Updated 4 months ago
- A REALLY Danger Windows Driver, Turn Any threads Ring0! ☆13 · Aug 11, 2025 · Updated 6 months ago
- ☆16 · Jan 12, 2026 · Updated last month
- An example of using Syscalls in C# to get a meterpreter shell. ☆112 · Oct 7, 2021 · Updated 4 years ago
- ☆28 · Aug 12, 2023 · Updated 2 years ago
- A simple rpc2socks alternative in pure Go. ☆31 · Jul 8, 2024 · Updated last year
- Persistence via Shell Extensions ☆64 · Aug 4, 2023 · Updated 2 years ago
- A multi coroutine concurrent batch URL survival detection tool written in Go, with concurrency determined by CPU by default. A multi-coroutine concurrent batch… written in Go ☆12 · Jan 9, 2024 · Updated 2 years ago
- Anti-forensics program, similar to usbkill ☆11 · Apr 22, 2023 · Updated 2 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most… ☆12 · May 8, 2023 · Updated 2 years ago
- A collection of PoCs for CLFS CVEs ☆16 · Oct 27, 2022 · Updated 3 years ago
- ☆12 · Apr 7, 2022 · Updated 3 years ago
- x64 Registration-Free In-Process COM Automation Server. ☆51 · Nov 28, 2022 · Updated 3 years ago
- This repository presents a proof-of-concept of CVE-2023-22527 ☆12 · Jan 23, 2024 · Updated 2 years ago
- Some stuff for PHD2021 ☆14 · May 21, 2025 · Updated 8 months ago
- Golang Automation Framework for Cobalt Strike using the Rest API ☆56 · Dec 4, 2025 · Updated 2 months ago
- ☆48 · Jun 6, 2025 · Updated 8 months ago
- ntoskrnl .data hooks for UM-KM communication ☆53 · May 26, 2024 · Updated last year