Stack spoofing Detection for CET processes by comparing shadow and user stacks.
☆36May 22, 2026Updated last month
Alternatives and similar repositories for cet-spoofing-detection
Users that are interested in cet-spoofing-detection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Proof of concept to detect module stomping detection by looking for modified .pdata sections.☆39Jun 11, 2026Updated last month
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- Busybox-style Beacon Object Files for *nix post-exploitation. Reimplements common Unix utilities as BOFs for use in stripped environments…☆81Jul 5, 2026Updated last week
- Bring your own Unwind Data Framework☆156Mar 15, 2026Updated 4 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Microsoft Graph API post-exploitation framework with a browser-based GUI.☆51Apr 15, 2026Updated 3 months ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated last year
- A modern alternative Web-UI for the Mythic Command and Control Server☆79Jul 3, 2026Updated last week
- Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)☆69Apr 3, 2026Updated 3 months ago
- Async BOF that monitors USB device connect/disconnect events, reports device information and performs actions on connected USB storage vo…☆56Jun 17, 2026Updated 3 weeks ago
- Async BOF that notifies the operator when a user connects to a local or remote target system.☆34Jun 17, 2026Updated 3 weeks ago
- Windows native ETW inspection suite for browsing providers, reading metadata, consuming live events, recording ETL traces, filtering resu…☆86Jun 27, 2026Updated 2 weeks ago
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 3 months ago
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- .NET CLR-Stomping☆146May 20, 2026Updated last month
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- Windows memory scanner for call stack spoofing detection, unbacked shellcode, injected DLLs and in-memory C2 implants.☆37May 22, 2026Updated last month
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆109May 25, 2026Updated last month
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆73Mar 8, 2026Updated 4 months ago
- Beacon Object File to Enable Chrome DevTools Protocol (CDP)☆116Jul 1, 2026Updated last week
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆97Apr 9, 2026Updated 3 months ago
- arm64 linux position-independent shellcode framework☆31Dec 12, 2025Updated 7 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Hijacking the Windows network stack from the kernel :)☆46May 5, 2026Updated 2 months ago
- This repository contains the research tool presented at x33fcon 2026, along with the associated presentation slides. The content is made …☆62Jun 15, 2026Updated 3 weeks ago
- Beacon Debugger☆56Oct 28, 2024Updated last year
- PrimitiveInjection by using Read, Write and Allocation Primitives.☆54Jun 21, 2025Updated last year
- ☆22May 19, 2026Updated last month
- Reversed cassandra source code for educational purposes☆28Jul 3, 2026Updated last week
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆142Apr 22, 2026Updated 2 months ago
- System Call Integrity Layer - experimental security research☆28Apr 14, 2026Updated 3 months ago
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated last week
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Cobalt Strike BOF to obtain location data☆26Jul 4, 2026Updated last week
- .NET process monitor that hooks CLR at the native layer, dumps reflective assemblies from memory, and checks AMSI/ETW integrity vs on dis…☆39Updated this week
- Rusty DoublePulsar - Cobalt Strike User-Defined Reflective Loader (UDRL) in Rust (Codename: DoublePulsar)☆113May 14, 2026Updated 2 months ago
- ☆55Oct 13, 2025Updated 9 months ago
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆170Jun 28, 2026Updated 2 weeks ago
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- BOF for extracting Edge credentials from the main browser process.☆48May 5, 2026Updated 2 months ago