Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin resolution experiments
☆86Jun 20, 2026Updated 3 weeks ago
Alternatives and similar repositories for UnCanny
Users that are interested in UnCanny are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Smuggling C2 comms through links previews☆18Jun 17, 2026Updated 3 weeks ago
- A sleepmask based on Ekko that preserves unwind data at sleep time.☆54Mar 30, 2026Updated 3 months ago
- Windows security research toolkit for LPE, persistence, COM hijacking, and attack surface enumeration.☆204Jun 13, 2026Updated last month
- ☆78Updated this week
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 2 weeks ago
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 3 weeks ago
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆170Jun 28, 2026Updated 2 weeks ago
- Technical Reference to multiple relay techniques☆190May 21, 2026Updated last month
- WasmForge — compile Go and C# programs to single-binary, WASM-sandboxed native executables with polymorphic output.☆99Jun 24, 2026Updated 2 weeks ago
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 3 months ago
- A stealthy and modular Windows loader designed to bypass modern EDR solutions using Module Stomping, Stack Duplication, and Advanced Slee…☆66Updated this week
- Async BOF that notifies the operator when a user connects to a local or remote target system.☆34Jun 17, 2026Updated 3 weeks ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- This is a collection of proof-of-concept exploits for various targets.☆42Jun 10, 2026Updated last month
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆96Jul 3, 2025Updated last year
- Proof of concept to detect module stomping detection by looking for modified .pdata sections.☆39Jun 11, 2026Updated last month
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- ☆24Updated this week
- ☆86Apr 8, 2026Updated 3 months ago
- Async port scanner BOF. Supports IP/port ranges, CIDR notation and hostnames.☆18Jun 17, 2026Updated 3 weeks ago
- Clean Indirect Syscalls with Hook Evasion & Return Address Spoofing.☆97Apr 30, 2026Updated 2 months ago
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Ported from [LACUNA Chain](https://github.com/MazX0p/LACUNA-Chain) by Mohamed Alzhrani (0xmaz). lacuna-rs is a reusable Rust crate that …☆17Jul 2, 2026Updated last week
- .NET CLR-Stomping☆146May 20, 2026Updated last month
- Dump TGTs remotely and convert Windows' klist binary output to ccache.☆80Jun 30, 2026Updated 2 weeks ago
- Set of PoC to abuse Windows minifilters functionality☆93May 1, 2026Updated 2 months ago
- Repository hosting a hypothetical EDR Spoofer, as discovered originally by Nightmare-Eclipse☆41May 27, 2026Updated last month
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆41Aug 5, 2025Updated 11 months ago
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.☆186Updated this week
- Entra ID user enumeration and auth method discovery via the public GetCredentialType API☆156Updated this week
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- Memory API proxy via signed mozglue.dll☆40Jun 25, 2026Updated 2 weeks ago
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated 2 weeks ago