TangledWinExec | Sandman |
---|---|
5 | 2 |
851 | 690 |
- | - |
8.5 | 1.9 |
18 days ago | about 1 month ago |
C# | C# |
BSD 3-clause "New" or "Revised" License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
TangledWinExec
- EaDumper: dump Windows NTFS file extended attributes
- Shellcode Reflective DLL Injection: This directory is for tools to test sRDI (Shellcode Reflective DLL Injection)
- DarkLoadLibrary: Load DLL with the Dark Load Library technique.
- PPEditor: This is a Kernel-mode WinDbg extension to edit Protection Level for processes.
- TangledWinExec: C# PoCs for investigation of Windows process execution techniques
Sandman
What are some alternatives?
DcRat - A simple remote tool in C#.
SharpUnhooker - C# Based Universal API Unhooker
LocalAdminSharp - .NET executable to use when dealing with privilege escalation on Windows to gain local administrator access
WMEye - WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement
Nidhogg - Nidhogg is an all-in-one simple to use rootkit.
Lunar - A lightweight native DLL mapping library that supports mapping directly from memory
InfoSec - Some hacking tools & resources that I wrote from scratch or modified.
QuasarRAT - Remote Administration Tool for Windows [Moved to: https://github.com/quasar/Quasar]
RPCMon - RPC Monitor tool based on Event Tracing for Windows
Quasar - Remote Administration Tool for Windows
gitlab-watchman - Finding exposed secrets and personal data in GitLab