Initial Access – search-ms URI Handler pentestlab.blog/2024/01/02/i...
Microsoft search protocol enables clients to initiate connections against an enterprise search service such as SharePoint or WebDav. During these search connections the protocol server will respond wi...
EDRSilencer - A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server github.com/netero1010/E...
GitHub - netero1010/EDRSilencer
CLR Heap encryption - a POC for a CLR sleep obfuscation attempt. It uses IHostMemoryManager interface to control the memory allocated by the CLR github.com/lap1nou/CLR_...
GitHub - lap1nou/CLR_Heap_encryption
Reflective x64 loader implemented using dynamic indirect syscalls github.com/Krypteria/At...
GitHub - Krypteria/AtlasLdr
PoolParty BOF - A beacon object file implementation of PoolParty Process Injection Technique github.com/0xEr3bus/Poo...
GitHub - 0xEr3bus/PoolPartyBof
A set of fully-undetectable process injection techniques abusing Windows Thread Pools github.com/SafeBreach-L...
GitHub - SafeBreach-Labs/PoolParty
IoctlHunter - A command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers z4ksec.github.io/posts/ioctlh...
A simple loader that uses indirect syscalls via the Tartarus' Gate method github.com/nettitude/Ta...
GitHub - nettitude/Tartarus-TpAllocInject