HTB – AppLocker/AV Bypassing

AppLocker can be bypassed from some specific locations… An exe file executed by a service (or by another method) can bypass AppLocker (HTB Giddy is a good example).
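From the defender's side, the thing to verify is whether the effective AppLocker policy would actually allow a binary at a given path for a given identity. The following PowerShell is an added example, not code from the original post; the two paths and the user name are placeholders to replace with what you want to audit. It uses the standard AppLocker cmdlets (Get-AppLockerPolicy, Test-AppLockerPolicy) and prints the matching rule, so a path- or publisher-based exception that lets an executable through is visible.

```powershell
# Added example (not from the original post): test candidate paths against the
# effective AppLocker policy on this host and show which rule decides each case.

# Placeholder paths to audit; replace with locations you want to check.
$candidates = @(
    'C:\Windows\Temp\example.exe',
    'C:\Program Files\Example\example.exe'
)

# Placeholder identities. AppLocker decisions are per user, so check both an
# ordinary user and the account a service would run under.
$identities = @('DOMAIN\someuser', 'NT AUTHORITY\SYSTEM')

foreach ($id in $identities) {
    Write-Host "=== Decisions for $id ==="
    Get-AppLockerPolicy -Effective |
        Test-AppLockerPolicy -Path $candidates -User $id |
        Select-Object FilePath, PolicyDecision, MatchingRule |
        Format-Table -AutoSize
}
```

Run it in an elevated PowerShell session on the host being reviewed. Any candidate reported as Allowed outside the expected program directories, or matched by a broad path rule, is the kind of location the paragraph above is referring to and is worth tightening.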

Simple C#/PS/txt reverse shells can be built with Microsoft Visual Studio and will not be flagged as malicious (no need to evade the antivirus software).

# Starting new project
dotnet new console

# Copying code in Program.cs

# Building as single binary
dotnet publish -r win-x64 -c Release /p:PublishSingleFile=true

Use dotnet on Linux to build the C# project. -r (runtime identifier) builds a self-contained app, which means the exe will contain all the necessary core DLLs for the app, resulting in a huge exe file (approximately 70MB!!).
If you remove the -r flag, then publish will only include the DLLs for your app. But this means whoever wants to use your app must first install the .NET Core runtime.

About the author

Nelley, 乃力.
Just a villager.