VoldeSec's repositories
PatchlessCLRLoader
.NET assembly loader with patchless AMSI and ETW bypass
PatchlessInlineExecute-Assembly
Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
BOF-NPPSPY
Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassuming file.
NetEncryptor
Encrypt any C# binary, string or bin file
AV_Evasion_Tool
掩日 - antivirus-evasion executor generation tool
Bloodhound-CustomQueries
Custom Queries - Brought Up to BH4.1 syntax
magento-exploits
Exploits for Magento 2.3.0 and lower
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
Proxy-Function-Calls-For-ETwTI
The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/