There are no reviews yet. Be the first to send feedback to the community and the maintainers!
SigFlip
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.GadgetToJScript
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.ExecuteAssembly
Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS headers, Unlinking .NET related modules, bypassing ETW+AMSI, avoiding EDR hooks via NT static syscalls (x64) and hiding imports by dynamically resolving APIs (hash).NTLMRelay2Self
An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).NoAmci
Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().vba2clr
Running .NET from VBANET-Assembly-Inject-Remote
.NET assembly local/remote loading/injection into memory.genxlm
A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4Macro"Scrncat
A script using OCR (pytesseract) and PIL to rename/order/group Screenshots into PR/RT phases based on which RT/PT stage executed commands correspond to & Redact passwords based on common password patterns (Regex) or a passwords/hashes list of choice.Love Open Source and this site? Check out how you can help us