0xrawsec / golang-etwLinks
☆39Updated 2 years ago
Alternatives and similar repositories for golang-etw
Users that are interested in golang-etw are comparing it to the libraries listed below
Sorting:
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.☆61Updated 2 years ago
- Go implementation of the Heaven's Gate technique☆99Updated 4 years ago
- A PoC package for hosting the CLR and executing .NET from Go☆76Updated last year
- Reflectively load PE☆104Updated 5 years ago
- Process Injection Techniques with Golang☆79Updated 5 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆71Updated 3 years ago
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆67Updated last year
- Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.☆41Updated 2 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆64Updated 3 years ago
- ☆147Updated 2 years ago
- A Lazy Programmer's Tips for Avoiding the SOC ~ BSides Belfast 2024☆16Updated 11 months ago
- eXtensiable Malware Toolkit: Full Featured Golang C2 Framework with Awesome Features☆100Updated 3 weeks ago
- A library to make HTTP requests with the Windows winhttp API☆23Updated last year
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆104Updated 2 years ago
- A Microsoft windows x86_64 Golang shellcode tester that includes example calc.exe shellcode.☆69Updated 7 years ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆114Updated 4 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆103Updated 4 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 6 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆174Updated 2 months ago
- Go library for ETW (Event Tracing for Windows) events processing☆68Updated 3 years ago
- Allow a Go process to dynamically load .NET assemblies☆149Updated 5 years ago
- Proof of concept SMB C2 using named pipes in Golang☆25Updated 5 years ago
- ☆45Updated 4 months ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Updated 4 years ago
- Use to copy a file from an NTFS partitioned volume by reading the raw volume and parsing the NTFS structures.☆118Updated 4 years ago
- Research project for understanding how Mimikatz work and become better at C☆124Updated 3 years ago
- Simple windows rpc server for research purposes only☆83Updated 3 years ago
- This repo will contain the core detection, only for Cobaltstrike's leaked versions. Non-leaked version detections wont be shared☆89Updated last year
- Process injection techniques written in Go.☆63Updated 2 years ago
- ☆18Updated last year