0xrawsec / golang-etw

Related projects ⓘ

Alternatives and complementary repositories for golang-etw

• synacktiv / AMSI-Bypass
  Lists of AMSI triggers (VBA, JScript / VBScript)
  ☆32Updated 5 years ago
• fkie-cad / yapscan
  Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.
  ☆59Updated last year
• audibleblink / dummyDLL
  Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
  ☆41Updated last year
• Ne0nd0g / go-clr
  A PoC package for hosting the CLR and executing .NET from Go
  ☆67Updated 4 months ago
• aus / gopherheaven
  Go implementation of the Heaven's Gate technique
  ☆94Updated 3 years ago
• ayoul3 / reflect-pe
  Reflectively load PE
  ☆101Updated 4 years ago
• D00Movenok / goMalleable
  🔎🪲 Malleable C2 profiles parser and assembler written in golang
  ☆60Updated 6 months ago
• timwhitez / Doge-sRDI
  Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode
  ☆58Updated 3 years ago
• raykaryshyn / FakeTLS
  Client/server code that impersonates TLS 1.3 to disguise C2 activity.
  ☆59Updated 2 years ago
• morph3 / Windows-RPC-Backdoor
  Simple windows rpc server for research purposes only
  ☆81Updated 2 years ago
• Immersive-Labs-Sec / BruteRatel-DetectionTools
  A collection of Tools and Rules for decoding Brute Ratel C4 badgers
  ☆62Updated 2 years ago
• timwhitez / Doge-Whisper
  golang implementation of Syswhisper2/Syswhisper3
  ☆23Updated 2 years ago
• 0xballistics / inject2pe
  inject or convert shellcode to PE
  ☆37Updated 5 years ago
• iammaguire / Gotato
  Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.
  ☆111Updated 3 years ago
• rxwx / cs-rdll-ipc-example
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆111Updated 4 years ago
• marpie / signed-loaders
  signed-loaders documents Windows executables that can be used for side-loading DLLs.
  ☆67Updated 5 years ago
• fox-it / dissect.cobaltstrike
  Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles
  ☆147Updated last month
• IncludeSecurity / c2-vulnerabilities
  PoCs of RCEs against open source C2 servers
  ☆46Updated last month
• RiccardoAncarani / TaskShell
  ☆56Updated 3 years ago
• grines / goc2
  MacOS C2 Framework
  ☆82Updated 3 years ago
• FalconForceTeam / SysWhispers2BOF
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆117Updated 2 years ago
• audibleblink / xordump
  ☆18Updated 3 years ago
• airzero24 / WMIReg
  PoC to interact with local/remote registry hives through WMI
  ☆83Updated 4 years ago
• nettitude / RunOF
  ☆139Updated last year
• jas502n / mimikat_ssp
  Security Support Provider Interface
  ☆45Updated 4 years ago
• SolomonSklash / SyscallPOC
  Shellcode injection POC using syscalls.
  ☆117Updated 4 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆50Updated 2 years ago