Hagrid29

icon location Hong Kong

Results 11 repositories owned by Hagrid29

PELoader

343
Stars
55
Forks
Watchers

PE loader with various shellcode injection techniques

verified publisher icon Hagrid29

DuplicateDump

191
Stars
22
Forks
Watchers

Dumping LSASS with a duplicated handle from custom LSA plugin

verified publisher icon Hagrid29

DumpAADSyncCreds

33
Stars
3
Forks
Watchers

C# implementation of Get-AADIntSyncCredentials from AADInternals, which extracts Azure AD Connect credentials to AD and Azure AD from AAD connect database.

verified publisher icon Hagrid29

RemotePatcher

73
Stars
10
Forks
Watchers

Patch AMSI and ETW in remote process via direct syscall

verified publisher icon Hagrid29

CertifyKit

25
Stars
2
Forks
Watchers

Active Directory certificate abuse

verified publisher icon Hagrid29

herpaderply_hollowing

38
Stars
10
Forks
Watchers

Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping

verified publisher icon Hagrid29

AbuseAzureAPIPermissions

34
Stars
3
Forks
Watchers

Abuse Azure API permissions for red teaming

verified publisher icon Hagrid29

BOF-CredUI

19
Stars
1
Forks
Watchers

Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt

verified publisher icon Hagrid29

BOF-DCOMPotato-PrintNotify

35
Stars
7
Forks
Watchers

Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object to DCOM call of PrintNotify.

verified publisher icon Hagrid29

BOF-SprayAD

40
Stars
1
Forks
Watchers

Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray

verified publisher icon Hagrid29