zacateras / sddl-parser
Security Descriptor Definition Language (SDDL) Parser
☆36Updated 4 years ago
Alternatives and similar repositories for sddl-parser:
Users that are interested in sddl-parser are comparing it to the libraries listed below
- A tool to create COM class/interface relationships in neo4j☆47Updated 2 years ago
- Library of tools and examples for loading/bootstrapping managed code from unmanaged code in .NET☆62Updated 5 years ago
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆78Updated 3 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆53Updated 2 years ago
- PE File Blessing - To continue or not to continue☆86Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆50Updated 3 years ago
- ☆55Updated 3 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆58Updated 2 years ago
- C++ function that will automagically unhook a specified Windows API☆60Updated 4 years ago
- ☆41Updated 5 years ago
- AMSI detection PoC☆30Updated 4 years ago
- A C port of b33f's UrbanBishop☆38Updated 4 years ago
- Resolve syscall numbers at runtime for all Windows versions.☆60Updated 2 months ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 3 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆57Updated 5 years ago
- Managed code hooking template.☆129Updated 3 years ago
- Research into COM☆19Updated 5 years ago
- C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.☆69Updated 3 years ago
- Inject .Net payloads into other .Net assemblies on disk☆61Updated 5 years ago
- Uses WMI Event Win32_ModuleLoadTrace to monitor module loading. Provides filters, and detailed data. Has an option to monitor for CLR Inj…☆39Updated 5 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆102Updated 3 years ago
- C# Utilities for Windows Notification Facility☆128Updated 2 months ago
- D/Invoke port of UrbanBishop☆29Updated 4 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆38Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆52Updated 4 years ago
- ☆37Updated 2 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla…☆120Updated 2 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆43Updated 3 years ago
- Loads .NET Assembly Via CLR Loader☆15Updated 5 years ago
- Timestomping module: overwrite file create/modify times in .NET (no pinvoke)☆24Updated 3 years ago