Example Usage

HKLM\Software\Policies\Microsoft\Windows\SrpV2     (XML policy storage, persistent)
HKLM\SYSTEM\CurrentControlSet\Control\Srp\Gp\Exe  (SDDL binary format, active enforcement)
HKLM\SYSTEM\CurrentControlSet\Control\AppID\CertStore (Certificate cache)

See also

.NET-Obfuscator

Open Source

Lists of .NET Obfuscator (Free, Freemium, Paid and Open Source )…

Unicorn

Open Source

Simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Works…

AMSI Bypass Techniques

Open Source

Collection of PowerShell AMSI (Antimalware Scan Interface) bypass techniques. Patches AMSI in-memory…

ScareCrow

Open Source

Payload creation framework focused on EDR bypass. Creates loaders using a variety of techniques incl…

aidsfuscator

Free

Aidsfuscator is a java bytecode obfuscator that aims to become the best, if not then one of the best…

incident-response-plan-template

Free

A concise, directive, specific, flexible, and free incident response plan template…