Sandman
TangledWinExec
| | Sandman | TangledWinExec |
|---|---|---|
| | 2 | 5 |
| Stars | 692 | 853 |
| Growth | - | - |
| Activity | 1.9 | 8.5 |
| | about 2 months ago | 25 days ago |
| Language | C# | C# |
| License | GNU General Public License v3.0 only | BSD 3-clause "New" or "Revised" License |

Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
TangledWinExec
- EaDumper: dump Windows NTFS file extended attributes
- Shellcode Reflective DLL Injection: This directory is for tools to test sRDI (Shellcode Reflective DLL Injection).
- DarkLoadLibrary: Load DLL with the Dark Load Library technique.
- PPEditor: This is a Kernel-mode WinDbg extension to edit Protection Level for processes.
- TangledWinExec: C# PoCs for investigation of Windows process execution techniques
What are some alternatives?
DcRat - A simple remote tool in C#.
LocalAdminSharp - .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
SharpUnhooker - C# Based Universal API Unhooker
Nidhogg - Nidhogg is an all-in-one simple to use rootkit.
WMEye - WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
InfoSec - Some hacking tools & resources that I wrote from scratch or modified.
Lunar - A lightweight native DLL mapping library that supports mapping directly from memory
RPCMon - RPC Monitor tool based on Event Tracing for Windows
QuasarRAT - Remote Administration Tool for Windows [Moved to: https://github.com/quasar/Quasar]
gitlab-watchman - Finding exposed secrets and personal data in GitLab
Quasar - Remote Administration Tool for Windows