zacateras / sddl-parser
Security Descriptor Definition Language (SDDL) Parser
☆36Updated 4 years ago
Alternatives and similar repositories for sddl-parser:
Users that are interested in sddl-parser are comparing it to the libraries listed below
- A tool to create COM class/interface relationships in neo4j☆49Updated 2 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆61Updated 3 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆75Updated 5 years ago
- PE File Blessing - To continue or not to continue☆87Updated 5 years ago
- Change up a binary's embedded resources with this little creature.☆34Updated 5 years ago
- ☆41Updated 5 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆61Updated 5 months ago
- In 'n Out - See what goes in and comes out of PEs☆34Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆63Updated 5 years ago
- ☆26Updated 6 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Updated 5 years ago
- C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.☆69Updated 4 years ago
- Babel-Shellfish deobfuscates and scans Powershell scripts on real-time right before each line execution.☆43Updated 6 years ago
- InsecurePowerShell is PowerShell with some security features removed.☆104Updated 7 years ago
- Simple .NET assembly to interact with services.☆40Updated 5 years ago
- Extract the password of the current user from flow (keylogger, config file, ..) Use SSPI to get a valid NTLM challenge/response and test …☆59Updated 6 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Updated 3 years ago
- ReaCOM has got a lot of tools to use and is related to component object model☆74Updated 5 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 4 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆58Updated 6 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 3 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆34Updated 4 years ago
- Initial Commit of Coresploit☆56Updated 3 years ago
- C++ function that will automagically unhook a specified Windows API☆62Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆122Updated 3 years ago
- Code Exec via Excel☆87Updated 7 years ago
- .Net Assembly to block ETW telemetry in current process☆78Updated 4 years ago
- Extension of SMBLibrary for RPC calls☆33Updated 10 months ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Updated 6 years ago
- Managed code hooking template.☆131Updated 3 years ago