0xf00sec / Aether
Self-mutating macOS implant
☆121 · Dec 18, 2025 · Updated last month
Alternatives and similar repositories for Aether
Users that are interested in Aether are comparing it to the libraries listed below
- One-header configurable C++20 COFF loader ☆21 · Jul 21, 2025 · Updated 6 months ago
- BOF to decrypt Signal Desktop chat logs ☆72 · Feb 20, 2025 · Updated 11 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects ☆135 · Apr 6, 2025 · Updated 10 months ago
- A runtime for developing large-scale and complex shellcode. ☆22 · Updated this week
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow. ☆122 · Jan 17, 2026 · Updated 3 weeks ago
- ☆47 · Dec 5, 2025 · Updated 2 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i… ☆63 · Apr 2, 2025 · Updated 10 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike ☆37 · Aug 31, 2025 · Updated 5 months ago
- A Mythic Agent written in PIC C. ☆206 · Feb 4, 2025 · Updated last year
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow ☆18 · Jun 26, 2025 · Updated 7 months ago
- command control framework ☆29 · Updated this week
- Detect Remote Local Credentials Dumping using a Shadow Snapshot ☆31 · Jan 27, 2025 · Updated last year
- ☆53 · Sep 23, 2025 · Updated 4 months ago
- ☆17 · Jan 9, 2025 · Updated last year
- Smart keylogging capability to steal SSH Credentials including password & Private Key ☆151 · Mar 26, 2025 · Updated 10 months ago
- Updated version of a long known self deletion technique to work with 24H2. ☆61 · Jun 9, 2025 · Updated 8 months ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust. ☆74 · Aug 24, 2025 · Updated 5 months ago
- Tools for analyzing EDR agents ☆277 · Jun 10, 2024 · Updated last year
- BOF with Synthetic Stackframe ☆220 · Oct 30, 2025 · Updated 3 months ago
- Blog/Journal on how to backdoor VSCode extensions ☆76 · Updated this week
- A simple BOF that frees UDRLs ☆122 · May 29, 2022 · Updated 3 years ago
- A .NET implementation to dump SAM, SYSTEM, SECURITY registry hives from a remote host ☆41 · Dec 8, 2023 · Updated 2 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0. ☆73 · Apr 13, 2025 · Updated 10 months ago
- Call Stack Spoofing for Rust ☆209 · Jan 28, 2026 · Updated 2 weeks ago
- Payload Generation Workflow ☆40 · Jul 18, 2025 · Updated 6 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique ☆19 · Dec 3, 2024 · Updated last year
- PowerShell and Python utilities for Entra Connect ☆27 · Jun 5, 2025 · Updated 8 months ago
- AzDevRecon is a powerful web-based enumeration tool for offensive security professionals, red teamers, and pentesters targeting Azure Dev… ☆25 · Oct 13, 2025 · Updated 4 months ago
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication. ☆287 · Apr 29, 2025 · Updated 9 months ago
- A Reflective Loader for macOS ☆146 · Jul 20, 2025 · Updated 6 months ago
- Find jmp gadgets for call stack spoofing. ☆75 · Oct 1, 2025 · Updated 4 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes ☆208 · Dec 25, 2024 · Updated last year
- Adversary Emulation Framework ☆129 · Jul 1, 2025 · Updated 7 months ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption. ☆17 · Jan 6, 2024 · Updated 2 years ago
- Reaping treasures from strings in remote processes memory ☆285 · Feb 8, 2025 · Updated last year
- A pointer encryption library intended for Red Team implant design in Rust. ☆64 · Oct 1, 2025 · Updated 4 months ago
- Your Skyfall Infrastructure Pack ☆90 · Jan 25, 2026 · Updated 2 weeks ago
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆609 · Jan 2, 2025 · Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing. ☆57 · Apr 14, 2025 · Updated 9 months ago