Malicious Registry Timestamp Manipulation Technique: Detecting Registry Timestomping
sokaRepo/CoercedPotatoRDLL: Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
Getting SYSTEM – Decoder's Blog
In your red teaming or pentesting activities escalating to SYSTEM on a Windows box is always the desired objective. The SYSTEM user is a special operating system user with the highest privilege, m…
marcosValle/awesome-windows-red-team: A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
GoSecure/pyrdp: RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
Rpc toolkit fantastic interfaces how to find
D1rkMtr/RecyclePersist: implementation of Persistence via Recycle Bin by adding "open\command" subkey to the "HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell" key and changing its value to the implant path
Hijack Libs