zcgonvh / TaskSchedulerMisc
Misc TaskScheduler Plays
☆233Updated 2 years ago
Alternatives and similar repositories for TaskSchedulerMisc:
Users that are interested in TaskSchedulerMisc are comparing it to the libraries listed below
- ☆237Updated last year
- Dumping LSASS with a duplicated handle from custom LSA plugin☆200Updated 3 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆186Updated 3 years ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆355Updated 2 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆160Updated 2 years ago
- BOF combination of KillDefender and Backstab☆166Updated 2 years ago
- A little tool to play with the Seclogon service☆308Updated 2 years ago
- Beacon.dll reverse☆140Updated 3 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆136Updated 3 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆71Updated last year
- A Beacon Object File (BOF) template for Visual Studio☆178Updated last week
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆312Updated 6 months ago
- Useful Cobalt Strike BOFs found or used during engagements☆138Updated last year
- Beacon Object File (BOF) Creation Helper☆225Updated 2 years ago
- Offensive tools written for practice purposes☆153Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆88Updated last year
- A Visual Studio template used to create Cobalt Strike BOFs☆297Updated 3 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆230Updated 2 years ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆130Updated 2 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆138Updated 2 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆270Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆170Updated 2 years ago
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆371Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆278Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆16Updated 3 years ago
- Windows NTLM Authentication Backdoor☆235Updated 2 months ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆214Updated 2 years ago
- POCs for Shellcode Injection via Callbacks☆403Updated 4 years ago
- Modify version of impacket wmiexec.py, get output(data,response) from registry, don't need SMB connection, also bypassing antivirus-softw…☆279Updated last year
- ☆96Updated last year