☆17May 7, 2025Updated 10 months ago
Alternatives and similar repositories for tutorials
Users that are interested in tutorials are comparing it to the libraries listed below
Sorting:
- A Practical example of ELAM (Early Launch Anti-Malware)☆36Nov 12, 2021Updated 4 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Golang CLI binary used for installing and managing Ghostwriter☆19Feb 24, 2026Updated 3 weeks ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- ☆15May 3, 2024Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 4 months ago
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- ☆14Jan 7, 2023Updated 3 years ago
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year
- Leveraging TPM2 TCG Logs (Measured Boot) to Detect UEFI Drivers and Pre-Boot Applications☆22Mar 28, 2025Updated 11 months ago
- ☆19Nov 28, 2024Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆79Aug 5, 2024Updated last year
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- A simple SOCKS5 server written in Go☆31Nov 7, 2016Updated 9 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆98Mar 20, 2023Updated 3 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- C Header Only Library for Virii☆11Nov 17, 2020Updated 5 years ago
- suspect is a simple bash triage tool☆19Aug 30, 2018Updated 7 years ago
- A work-in-progress C++20/23 header-only maths library for game development, embedded, kernel and general-purpose that works in constant c…☆25Dec 6, 2022Updated 3 years ago
- A runtime for developing large-scale and complex shellcode.☆22Mar 3, 2026Updated 2 weeks ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- Position-independent Reflective Loader for macOS☆119Feb 19, 2026Updated last month
- ☆19Aug 26, 2020Updated 5 years ago
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆37Apr 24, 2025Updated 10 months ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆162Mar 1, 2024Updated 2 years ago
- Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.☆22Jan 6, 2025Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- ☆20Feb 23, 2019Updated 7 years ago
- Enhanced version of binaryninja-ollama and without using the ollama Python library☆13Jan 23, 2025Updated last year
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆53Jan 29, 2015Updated 11 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- kerberos in rust for fun and profit☆51Mar 13, 2026Updated last week
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆158Mar 26, 2025Updated 11 months ago
- Yet another LLVM-based obfuscator☆125Sep 3, 2024Updated last year
- A set of LLVM and GCC based plugins that perform code obfuscation.☆139Oct 20, 2025Updated 5 months ago