0xrawsec / golang-etw
☆36Updated 2 years ago
Alternatives and similar repositories for golang-etw:
Users that are interested in golang-etw are comparing it to the libraries listed below
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆64Updated 10 months ago
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.☆61Updated last year
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 5 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆43Updated last year
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆62Updated 2 years ago
- A PoC package for hosting the CLR and executing .NET from Go☆70Updated 8 months ago
- golang implementation of Syswhisper2/Syswhisper3☆23Updated 2 years ago
- Go library for ETW (Event Tracing for Windows) events processing☆63Updated 2 years ago
- Go implementation of the Heaven's Gate technique☆97Updated 4 years ago
- Reflectively load PE☆104Updated 4 years ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆112Updated 3 years ago
- Sandbox evasion code snippets developped in Golang☆19Updated 2 years ago
- Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.☆41Updated 2 years ago
- MacOS C2 Framework☆83Updated 3 years ago
- ☆18Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- Simple windows rpc server for research purposes only☆82Updated 2 years ago
- ☆45Updated 2 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 2 years ago
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆103Updated last year
- Savoir is a tool to perform tasks during internal security assessment☆19Updated 2 years ago
- ☆142Updated 2 years ago
- Simple HTTP async comms using standard GET/POST requests☆32Updated last week
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆65Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 2 years ago
- Golang Direct Syscall☆30Updated 3 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆122Updated 2 years ago
- ☆36Updated 4 years ago
- Modular C2 framework aiming to ease post exploitation for red teamers.☆187Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆99Updated 3 years ago