Also known by Microsoft as Knifecoat :hot_pepper:
The main features of fuzzysecurity/sharp-suite are: Defense Evasion, Shellcode Injection.
Open-source alternatives to fuzzysecurity/sharp-suite include: trustedsec/unicorn — Unicorn is a collection of utilities for generating malicious HTA files, VBA macros, encoded PowerShell commands, and… lolbas-project/lolbas — LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security… 3xpl01tc0d3r/processinjection — This program is designed to demonstrate various process injection techniques. api0cradle/ultimateapplockerbypasslist — The goal of this repository is to document the most common techniques to bypass AppLocker. aptortellini/undefender — unDefender is the C++ implementation of a technique originally described by @jonasLyk in this Twitter thread. At its… antoniococo/mapping-injection.
Unicorn is a collection of utilities for generating malicious HTA files, VBA macros, encoded PowerShell commands, and memory-resident shellcode injection frameworks. It provides tools to create payloads designed to achieve remote code execution by bypassing security controls. The project focuses on weaponizing office documents through VBA macros and formulas, generating HTA attack vectors, and creating encoded PowerShell payloads. It includes a shellcode injection framework to wrap external shellcode for direct execution in system memory. The toolkit covers binary-to-base64 conversion for ce
LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, pro
This program is designed to demonstrate various process injection techniques