├── .gitignore ├── Bypass Sysmon With Updating Rules ├── SysmonRuleUpdateBypass │ ├── SysmonDataRecv.sln │ └── SysmonDataRecv │ │ ├── SysmonDataRecv.cpp │ │ ├── SysmonDataRecv.vcxproj │ │ ├── SysmonDataRecv.vcxproj.filters │ │ ├── SysmonDataRecv.vcxproj.user │ │ ├── pch.cpp │ │ └── pch.h ├── bypass.xml ├── bypass_edr.reg └── readme.md ├── CriticalProcess ├── CriticalProcess.sln └── CriticalProcess │ ├── CriticalProcess.cpp │ ├── CriticalProcess.vcxproj │ ├── CriticalProcess.vcxproj.filters │ ├── CriticalProcess.vcxproj.user │ ├── pch.cpp │ └── pch.h ├── EnumAllHandles ├── EnumAllHandles.sln └── EnumAllHandles │ ├── EnumAllHandles.cpp │ ├── EnumAllHandles.vcxproj │ ├── EnumAllHandles.vcxproj.filters │ ├── EnumAllHandles.vcxproj.user │ ├── pch.cpp │ └── pch.h ├── Images ├── EnumAllHandles │ ├── EnumAllHandles1.png │ └── EnumAllHandles2.png └── readme.md ├── ImpersonateNtlmNegotiation ├── SSPI_Client │ ├── SSPI_Client.sln │ └── SSPI_Client │ │ ├── SSPI_Client.cpp │ │ ├── SSPI_Client.vcxproj │ │ ├── SSPI_Client.vcxproj.filters │ │ ├── SSPI_Client.vcxproj.user │ │ ├── SspiExample.h │ │ ├── pch.cpp │ │ └── pch.h └── SSPI_Server │ ├── SSPI_Server.sln │ └── SSPI_Server │ ├── SSPI_Server.cpp │ ├── SSPI_Server.vcxproj │ ├── SSPI_Server.vcxproj.filters │ ├── SSPI_Server.vcxproj.user │ ├── SspiExample.h │ ├── pch.cpp │ └── pch.h ├── ImpersonationPipeLine ├── NamedPipeClient │ ├── NamedPipeClient.sln │ └── NamedPipeClient │ │ ├── NamedPipeClient.cpp │ │ ├── NamedPipeClient.vcxproj │ │ ├── NamedPipeClient.vcxproj.filters │ │ ├── NamedPipeClient.vcxproj.user │ │ ├── pch.cpp │ │ └── pch.h └── NamedPipeServer │ ├── NamedPipeServer.sln │ └── NamedPipeServer │ ├── NamedPipeServer.cpp │ ├── NamedPipeServer.vcxproj │ ├── NamedPipeServer.vcxproj.filters │ ├── NamedPipeServer.vcxproj.user │ ├── pch.cpp │ └── pch.h ├── LICENSE └── README.md /.gitignore: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/.gitignore -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv.sln -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.cpp -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj.filters -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj.user: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/SysmonDataRecv.vcxproj.user -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/pch.cpp -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/SysmonRuleUpdateBypass/SysmonDataRecv/pch.h -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/bypass.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/bypass.xml -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/bypass_edr.reg: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Bypass Sysmon With Updating Rules/bypass_edr.reg -------------------------------------------------------------------------------- /Bypass Sysmon With Updating Rules/readme.md: -------------------------------------------------------------------------------- 1 | These are the files needed for a Sysmon bypass 2 | -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess.sln: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess.sln -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess/CriticalProcess.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/CriticalProcess.cpp -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess/CriticalProcess.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/CriticalProcess.vcxproj -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess/CriticalProcess.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/CriticalProcess.vcxproj.filters -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess/CriticalProcess.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/CriticalProcess.vcxproj.user -------------------------------------------------------------------------------- /CriticalProcess/CriticalProcess/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/pch.cpp -------------------------------------------------------------------------------- 
/CriticalProcess/CriticalProcess/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/CriticalProcess/CriticalProcess/pch.h -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles.sln -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles/EnumAllHandles.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/EnumAllHandles.cpp -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj.filters -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/EnumAllHandles.vcxproj.user -------------------------------------------------------------------------------- 
/EnumAllHandles/EnumAllHandles/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/pch.cpp -------------------------------------------------------------------------------- /EnumAllHandles/EnumAllHandles/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/EnumAllHandles/EnumAllHandles/pch.h -------------------------------------------------------------------------------- /Images/EnumAllHandles/EnumAllHandles1.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Images/EnumAllHandles/EnumAllHandles1.png -------------------------------------------------------------------------------- /Images/EnumAllHandles/EnumAllHandles2.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/Images/EnumAllHandles/EnumAllHandles2.png -------------------------------------------------------------------------------- /Images/readme.md: -------------------------------------------------------------------------------- 1 | list of images 2 | -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client.sln -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.cpp -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj.filters -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SSPI_Client.vcxproj.user -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SspiExample.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/SspiExample.h -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/pch.cpp 
-------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Client/SSPI_Client/pch.h -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server.sln -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.cpp -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj.filters -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj.user: 
-------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SSPI_Server.vcxproj.user -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SspiExample.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/SspiExample.h -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/pch.cpp -------------------------------------------------------------------------------- /ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonateNtlmNegotiation/SSPI_Server/SSPI_Server/pch.h -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient.sln -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.cpp: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.cpp -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj.filters -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj.user: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/NamedPipeClient.vcxproj.user -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/pch.cpp -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/pch.h: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeClient/NamedPipeClient/pch.h -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer.sln: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer.sln -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.cpp -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj.filters: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj.filters -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj.user: -------------------------------------------------------------------------------- 
https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/NamedPipeServer.vcxproj.user -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/pch.cpp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/pch.cpp -------------------------------------------------------------------------------- /ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/pch.h: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/ImpersonationPipeLine/NamedPipeServer/NamedPipeServer/pch.h -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/SinaKarvandi/Process-Magics/HEAD/README.md --------------------------------------------------------------------------------