0xZDH / imgect
Inject shellcode into a valid BMP/GIF image.
☆24Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for imgect
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆22Updated 2 months ago
- Code Execution & Persistence in NETWORK SERVICE FAX Service☆31Updated 2 years ago
- API Hammering with C++20☆34Updated 2 years ago
- Working repo used to experiment with various languages as it relates to offensive security & evasion.☆30Updated 5 months ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆16Updated 5 years ago
- ☆58Updated 11 months ago
- Reasonably undetected shellcode stager and executer.☆35Updated 2 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆21Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆28Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆78Updated 3 years ago
- ☆34Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆81Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆32Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆37Updated 6 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆34Updated last year
- Encode shellcode into dictionary words for evasion and entropy reduction☆19Updated 2 weeks ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆37Updated last year
- ☆37Updated last month
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 9 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆42Updated 3 months ago
- PDF Icon File Type Spoofer☆12Updated 4 months ago
- CVE-2024-41570: Havoc C2 0.7 Teamserver SSRF exploit☆35Updated 2 months ago