This repository contains a collection of code snippets for research and educational purposes. The snippets are written in C#, PowerShell, and Nim.

Snippet Name | Description |
---|---|
Bypass ASR rule & Dump LSASS | C# code snippet to bypass an ASR rule and dump the LSASS process. |
LNK-Generator | PowerShell script to generate an obfuscated malicious LNK file as a dropper. |
Patching EtwEventWrite via DInvoke | C# code snippet to patch Event Tracing for Windows (ETW) via DInvoke. |
Patching AmsiScanBuffer via DInvoke | C# code snippet to patch the Antimalware Scan Interface (AMSI) via DInvoke. |
Bypass ATP and dump LSASS | PowerShell code to bypass Advanced Threat Protection (ATP) and dump the LSASS process. For more details, see the post "Bypass Windows Defender ATP". |

The "Offensive Snippets" repository is intended for authorized testing and educational purposes only. Use for any other purpose is strictly prohibited.