SharpHide
Registry persistence tool
Creates hidden registry keys to persist data despite DFIR investigation
Tool to create hidden registry keys.
465 stars
25 watching
94 forks
Language: C#
last commit: about 5 years ago Related projects:
| Repository | Description | Stars |
|---|---|---|
 ewhitehats/invisiblepersistence | A Windows registry persistence mechanism that operates stealthily | 338 |
 djhohnstein/sharpchromium | Tool to extract data from Chromium-based browsers | 692 |
| outflanknl/wdtoggle | A tool to enable WDigest credential caching using direct system calls in Cobalt Strike | 213 |
 improsec/sharpeventpersist | Tools to write and read shellcode from Event Log using C# and Windows persistence mechanisms | 367 |
 klezvirus/sharpselfdelete | Implementation of a Windows exploitation technique using P/Invoke to delete processes from memory | 147 |
 theflakes/reg_hunter | A tool for triaging and hunting Windows persistence mechanisms, providing forensic insights into system activity. | 142 |
 ntquerysysteminformation/customkeyboardlayoutpersistence | A Proof of Concept that achieves code execution by persisting a custom keyboard layout on Windows 11 | 161 |
 0xthirteen/staykit | A persistence kit for Cobalt Strike using a custom .NET assembly and leveraging various Windows techniques to maintain access after initial access is lost. | 465 |
| outflanknl/c2-tool-collection | Tools for exploiting vulnerabilities in Windows systems and gathering information about networked computers. | 1,143 |
| outflanknl/spray-ad | Automates an Active Directory password spraying attack to identify weak or guessable passwords | 425 |
 zonksec/persistence-aggressor-script | A PowerShell script designed to evade detection by persisting on a compromised system through multiple evasion techniques | 172 |
 aegrah/panix | A Linux persistence tool designed to support security research and detection engineering. | 410 |
 mergesort/public-extension | A log of handy Swift extensions curated and maintained by the community. | 298 |
 objective-see/knockknock | A tool for detecting persistently installed software on Macs. | 450 |
 teknasyon-teknoloji/persistencekit | A library providing a simple way to store and retrieve Codable objects in various persistence layers | 155 |