0xTriboulet / Red_Team_Code_Snippets
random code snippets, useful for getting started
☆112Updated last week
Related projects ⓘ
Alternatives and complementary repositories for Red_Team_Code_Snippets
- ☆105Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆145Updated 11 months ago
- ☆156Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆278Updated last year
- Create Anti-Copy DRM Malware☆46Updated 3 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆95Updated last year
- Run Your Payload Without Running Your Payload☆177Updated 2 years ago
- Local & remote Windows DLL Proxying☆160Updated 5 months ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆125Updated 2 weeks ago
- Evasive Golang Loader☆130Updated 3 months ago
- A set of programs for analyzing common vulnerabilities in COM☆155Updated 2 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆148Updated 5 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆171Updated 10 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆143Updated 6 months ago
- Execute shellcode files with rundll32☆184Updated 9 months ago
- ☆175Updated 11 months ago
- ☆118Updated last year
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆138Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆225Updated last year
- (Demo) 3rd party agent for Havoc☆129Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆91Updated last year
- ApexLdr is a DLL Payload Loader written in C☆104Updated 4 months ago
- Shaco is a linux agent for havoc☆144Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆113Updated 4 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆170Updated 8 months ago
- ☆160Updated last year
- Find DLLs with RWX section☆75Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆147Updated 6 months ago
- REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…☆129Updated 9 months ago