Repository for the DEF CON 33 talk: Kill Chain Reloaded
☆79Aug 3, 2025Updated 7 months ago
Alternatives and similar repositories for DEFCON33-KillChainReloaded
Users that are interested in DEFCON33-KillChainReloaded are comparing it to the libraries listed below
Sorting:
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated 8 months ago
- LPE / RCE Exploits for various vulnerable "Bloatware" products☆84Aug 5, 2025Updated 7 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 7 months ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 4 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 8 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆153Sep 20, 2024Updated last year
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆168Jul 31, 2025Updated 7 months ago
- COM ViewLogger — new malware keylogging technique☆405Jan 6, 2025Updated last year
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- Linker for Beacon Object Files☆159Feb 22, 2026Updated last week
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- ☆28Feb 11, 2026Updated 3 weeks ago
- ☆109Feb 17, 2025Updated last year
- BOF/COFF obj file to PIC(shellcode). by golang☆39Sep 28, 2022Updated 3 years ago
- The PoC for CVE-2025-70795 / CVE-2026-0828 and its update☆40Feb 16, 2026Updated 2 weeks ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆85Oct 18, 2024Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆211Aug 21, 2025Updated 6 months ago
- Intel 64/Windows low-level experiments☆63Aug 25, 2025Updated 6 months ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- ☆108Aug 21, 2024Updated last year
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 4 months ago
- Exploit POC for CVE-2024-36877☆48Aug 14, 2024Updated last year
- C++ Staged Shellcode Loader with Evasion capabilities.☆96Oct 7, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆97Mar 20, 2023Updated 2 years ago
- ☆80Apr 23, 2024Updated last year
- ☆164Jun 12, 2025Updated 8 months ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Mar 10, 2024Updated last year
- Blocking Windows EDR agents by registering an own IPC-object in the Object Manager’s namespace (CVE-2023-3280, CVE-2024-5909, CVE-2024-20…☆35Feb 27, 2025Updated last year
- ☆53Mar 26, 2025Updated 11 months ago
- ☆18Jan 26, 2026Updated last month
- A C# PE loader for x64 and x86 PE files.☆47Feb 24, 2026Updated last week