0xedh / DEFCON33-KillChainReloadedView external linksLinks
Repository for the DEF CON 33 talk: Kill Chain Reloaded
☆79Aug 3, 2025Updated 6 months ago
Alternatives and similar repositories for DEFCON33-KillChainReloaded
Users that are interested in DEFCON33-KillChainReloaded are comparing it to the libraries listed below
Sorting:
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Command and Control Framework using powershell implants☆35Jun 17, 2025Updated 7 months ago
- LPE / RCE Exploits for various vulnerable "Bloatware" products☆84Aug 5, 2025Updated 6 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 6 months ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 3 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- Windows rootkit designed to work with BYOVD exploits☆214Jan 18, 2025Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 7 months ago
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆153Sep 20, 2024Updated last year
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆81Jan 26, 2026Updated 2 weeks ago
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆166Jul 31, 2025Updated 6 months ago
- COM ViewLogger — new malware keylogging technique☆403Jan 6, 2025Updated last year
- Linker for Beacon Object Files☆149Updated this week
- CVE-2024-30090 - LPE PoC☆108Oct 17, 2024Updated last year
- ☆28Dec 8, 2025Updated 2 months ago
- ☆109Feb 17, 2025Updated 11 months ago
- BOF/COFF obj file to PIC(shellcode). by golang☆39Sep 28, 2022Updated 3 years ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆84Oct 18, 2024Updated last year
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆204Aug 21, 2025Updated 5 months ago
- Intel 64/Windows low-level experiments☆63Aug 25, 2025Updated 5 months ago
- Mentally ill EtwTi parser☆66Jan 11, 2026Updated last month
- Abusing Azure services over C2☆368Jan 20, 2026Updated 3 weeks ago
- ☆106Aug 21, 2024Updated last year
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- This repo contains useful scripts that AI created for me which I would have been too lazy for☆76Feb 6, 2026Updated last week
- Exploit POC for CVE-2024-36877☆48Aug 14, 2024Updated last year
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 3 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆97Oct 7, 2024Updated last year
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆433Jun 27, 2025Updated 7 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- ☆80Apr 23, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- ☆163Jun 12, 2025Updated 8 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 4 months ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Mar 10, 2024Updated last year
- ☆18Jan 26, 2026Updated 2 weeks ago
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system.☆26Jul 4, 2025Updated 7 months ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja☆11Jul 24, 2024Updated last year