pracsec
Follow
Stars
A Red Team tool for remotely manipulating Group Policy Object(GPO), Organizational Unit(OU), GPLink and Security Filtering
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.
The ultimate WinRM shell for hacking/pentesting
.NET DllExport with .NET Core support (aka 3F/DllExport aka DllExport.bat)
Simple .NET loader for loading and executing Powershell payloads
Download ScriptAnalyzer from PowerShellGallery
A whitespace reformatter and code cleaner for Windows PowerShell and PowerShell Core
The MSBuild Community Tasks Project is an open source project for MSBuild tasks.
Indirect Syscall with TartarusGate Approach in Go
PowerShell Constrained Language Mode Bypass
A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or develop more techniques. Some …
A .NET Class Library for processing ShellLink (LNK) files
Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…
early cascade injection PoC based on Outflanks blog post
PowerShell Pass The Hash Utils
Free, Open Source, User-Mode SMB 1.0/CIFS, SMB 2.0, SMB 2.1 and SMB 3.0 server and client library
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading
.NET is a cross-platform runtime for cloud, mobile, desktop, and IoT apps.
Source from the Microsoft .NET Reference Source that represent a subset of the .NET Framework