☆79Aug 2, 2023Updated 2 years ago
Alternatives and similar repositories for PerfExec
Users that are interested in PerfExec are comparing it to the libraries listed below
Sorting:
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- ☆223Mar 10, 2024Updated last year
- ☆57Apr 19, 2023Updated 2 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- ☆37Feb 11, 2023Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Apr 4, 2023Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Native Syscalls Shellcode Injector☆266Jul 2, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆330Jul 15, 2024Updated last year
- PoC to coerce authentication from Windows hosts using MS-WSP☆302Sep 7, 2023Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- Escalate Service Account To LocalSystem via Kerberos☆403Sep 14, 2023Updated 2 years ago
- Winsocket for Cobalt Strike.☆102Jul 6, 2023Updated 2 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR.☆125Apr 9, 2022Updated 3 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆776Jan 26, 2026Updated last month
- ☆223Oct 22, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- C or BOF file to extract WebKit master key to decrypt user cookie☆207Apr 29, 2024Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Sep 21, 2023Updated 2 years ago
- Python module for running BOFs☆79Nov 28, 2025Updated 3 months ago
- Collection of random RedTeam scripts.☆211Mar 8, 2024Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Beacon Object Files (not Buffer Overflows)☆58Mar 6, 2023Updated 2 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- Extension functionality for the NightHawk operator client☆26Nov 3, 2023Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- ☆142May 4, 2022Updated 3 years ago