0xHossam / APT-Attack-Simulation
APT-Attack-Simulation simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persistence and privilege escalation.
☆43Updated 6 months ago
Related projects ⓘ
Alternatives and complementary repositories for APT-Attack-Simulation
- ☆55Updated 7 months ago
- Bypass AMSI By Dividing files into multiple smaller files☆45Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆52Updated 9 months ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆57Updated last year
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆77Updated 11 months ago
- C# havoc implant☆96Updated last year
- Scripts I use to deploy Havoc on Linode and setup categorization and SSL☆39Updated 5 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆43Updated last year
- Malicious powershell scripts loader designed to avoid detection.☆36Updated last year
- ☆25Updated last year
- Duplicate not owned Token from Running Process☆72Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆53Updated 7 months ago
- Construct the payload at runtime using an array of offsets☆58Updated 5 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆88Updated last month
- A repository with my code snippets for research/education purposes.☆50Updated last year
- PowerShell script to generate ShellCode in various formats☆39Updated last month
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆40Updated last year
- Create Anti-Copy DRM Malware☆46Updated 3 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆95Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆108Updated last month
- ☆25Updated last year
- Windows Thread Pool Injection Havoc Implementation☆28Updated 7 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆51Updated 4 months ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆84Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 6 months ago
- Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process☆63Updated 6 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated 11 months ago
- IAT Unhooking proof-of-concept☆28Updated 7 months ago