yo-yo-yo-jbo / virtual_memory_known_dlls
☆21 · May 17, 2023 · Updated 2 years ago
Alternatives and similar repositories for virtual_memory_known_dlls
Users that are interested in virtual_memory_known_dlls are comparing it to the libraries listed below
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆22 · Mar 26, 2023 · Updated 2 years ago
- Extension functionality for the NightHawk operator client ☆26 · Nov 3, 2023 · Updated 2 years ago
- Grepify the GUI Regex Text Scanner for Code Reviewers ☆23 · Apr 15, 2013 · Updated 12 years ago
- A C# implementation of dumping credentials from Windows Credential Manager ☆61 · Sep 23, 2023 · Updated 2 years ago
- Beacon Object Files (not Buffer Overflows) ☆58 · Mar 6, 2023 · Updated 2 years ago
- ☆17 · Jun 28, 2023 · Updated 2 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within. ☆33 · Dec 5, 2022 · Updated 3 years ago
- Parser and reconciliation tooling for large Active Directory environments. ☆33 · Feb 18, 2025 · Updated 11 months ago
- A collection of sample code used in some experiments with Sliver C2 ☆16 · Mar 28, 2023 · Updated 2 years ago
- Rust implementation of the Process Herpaderping ☆25 · Jul 6, 2023 · Updated 2 years ago
- ☆14 · Oct 25, 2019 · Updated 6 years ago
- Defeating Anti-Debugging Techniques for Malware Analysis ☆13 · Oct 1, 2022 · Updated 3 years ago
- ☆20 · Mar 21, 2024 · Updated last year
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR ☆20 · Feb 8, 2024 · Updated 2 years ago
- Identify common attack paths to get Domain Administrator ☆22 · Aug 20, 2019 · Updated 6 years ago
- ☆180 · Apr 24, 2025 · Updated 9 months ago
- ☆49 · Feb 11, 2023 · Updated 3 years ago
- C# loader that copies a chunk at a time of the shellcode in memory, rather than all at once ☆23 · Jul 14, 2022 · Updated 3 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading ☆84 · Nov 21, 2022 · Updated 3 years ago
- A .NET assembly tracer using Harmony for runtime method interception. ☆50 · Oct 24, 2025 · Updated 3 months ago
- ☆22 · Jun 9, 2025 · Updated 8 months ago
- hook KeyboardClassServiceCallback to prevent messing up sistema ☆26 · Nov 14, 2023 · Updated 2 years ago
- Grab NetNTLMv2 hashes using ETW with administrative rights on Windows 8.1 / Windows Server 2016 and later ☆94 · May 9, 2023 · Updated 2 years ago
- Chameleon is a polymorphic engine for x86_64 position independent shellcode that has been created out of the need to evade signature-base… ☆47 · Oct 3, 2025 · Updated 4 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials ☆61 · May 12, 2025 · Updated 9 months ago
- Bypassing kernel patch protection runtime ☆21 · Feb 19, 2023 · Updated 2 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro… ☆25 · May 19, 2022 · Updated 3 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks). ☆58 · Oct 10, 2022 · Updated 3 years ago
- If you have any questions, please open an issue. ☆25 · Apr 6, 2022 · Updated 3 years ago
- A small example of loading BOFs in Python with pure reflection ☆19 · Jan 26, 2023 · Updated 3 years ago
- BOF template with boflink and mutator kit support ☆49 · Jan 8, 2026 · Updated last month
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re… ☆43 · Aug 10, 2025 · Updated 6 months ago
- A PoC .NET-specific process injection tool ☆57 · Mar 17, 2024 · Updated last year
- C# .Net Framework program that uses RunspaceFactory for Powershell command execution. ☆24 · Nov 9, 2022 · Updated 3 years ago
- Decrypt NTDS hashes ☆23 · Jan 22, 2014 · Updated 12 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal… ☆65 · Aug 23, 2023 · Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level ☆26 · Jul 21, 2022 · Updated 3 years ago
- ☆27 · Aug 8, 2021 · Updated 4 years ago
- ☆109 · Feb 17, 2025 · Updated 11 months ago