Search Results for "ios security bypass"

...Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX. Shellcode containing in-build AMSI bypass and ETW patching for a high success rate and stealth. Auto-generated Apache Rewrite rules for use in a C2 proxy, protecting your C2 infrastructure and maintaining good operational security. Fully encrypted communications, protecting the confidentiality and integrity of the C2 traffic.

UltimateAppLockerByPassList is a community-curated repository that collects known techniques, patterns, and candidate binaries that have been observed or proposed to bypass Microsoft AppLocker and similar executable control policies. The project functions as a living catalog: entries list binaries, script hosts, and patterns that researchers have tested or reported in the wild, along with notes about context, platform constraints, and mitigation ideas. It is aimed primarily at defenders, incident responders, and security researchers who need a consolidated reference to understand common bypass vectors and to validate detection logic. ...

PowerShell-Suite is a curated collection of PowerShell utility scripts and modules created to provide low-level Windows API access, process manipulation, debugging detection, security operations, and post-exploitation techniques directly from PowerShell. The project is licensed under BSD-3-Clause. Among its components, there are scripts like Invoke-Runas (to launch processes under alternate credentials via CreateProcessWithLogonW), Invoke-CreateProcess (to spawn processes with fine control over flags, window state, etc.), Detect-Debug (to detect kernel or user mode debugging environments), Get-Handles (to enumerate handles in a process via NtQuerySystemInformation), Get-TokenPrivs (to inspect privileges on process tokens), Get-Exports (to parse DLL exports without loading DLLs), Masquerade-PEB (to alter the PEB of a process to appear as a different process), and UAC-TokenMagic (a method to bypass UAC via token manipulation).

Invoke-TheHash is a PowerShell module providing utilities to perform “Pass-the-Hash” style remote operations over WMI and SMB by supplying NTLM hashes instead of plaintext passwords. The project includes multiple scripts/modules (Invoke-WMIExec, Invoke-SMBExec, Invoke-SMBEnum, Invoke-SMBClient, and a wrapper Invoke-TheHash) so operators can choose enumeration, file access, or command execution modes. It uses .NET’s TcpClient for direct SMB/WMI connections and performs authentication by...