Starred repositories
Windows protocol library, including SMB and RPC implementations, among others.
DavRelayUp - a universal no-fix local privilege escalation in domain-joined Windows workstations where LDAP signing is not enforced (the default settings).
Automated Hosting Information Hunting Tool - Windows host information automated hunting tool
Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!
.NET/PowerShell/VBA Offensive Security Obfuscator
A proof-of-concept Remote Desktop (RDP) session hijack utility
Obfuscator for .NET and Mono, with a customizable engine for building your own obfuscators.
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some …
DeadPotato is a Windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from the ori…
Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
PoCs for Kernelmode rootkit techniques research.
Escalate Service Account To LocalSystem via Kerberos
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
Proof of Concept (PoC) .NET tool for remotely killing EDR with WDAC
Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain
Tools and PoCs for Windows syscall investigation.
The first standalone .NET decompiler for Mac, Linux and Windows