7h3w4lk3r / Kill-FloorLinks
AV/EDR killer using BYOVD technique
☆34Updated 11 months ago
Alternatives and similar repositories for Kill-Floor
Users that are interested in Kill-Floor are comparing it to the libraries listed below
Sorting:
- Winsocket for Cobalt Strike.☆99Updated 2 years ago
- Evasive loader to bypass static detection☆58Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Updated 2 years ago
- A nim implementation of sRDI☆19Updated last year
- Beacon Object Files.☆37Updated last year
- Detect Beacon Powerful (Include CobatStrike 4.10 Aha~)☆21Updated 10 months ago
- Exploit development involves tools like exploitation frameworks and CVE databases. LNK exploits, such as LNK builder or LNK payload techn…☆12Updated this week
- Use CMSTP.exe to bypass UAC.☆47Updated 3 years ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆40Updated last month
- ☆16Updated 2 years ago
- POC tool to extract all persistent clipboard history data from clipboard service process memory☆47Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆84Updated 2 years ago
- A Simple PoC☆21Updated last year
- Indirect NT syscalls LSASS dumper.☆46Updated 2 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆49Updated last year
- ☆42Updated 2 years ago
- BOF/COFF obj file to PIC(shellcode). by golang☆39Updated 2 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Updated 2 years ago
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆78Updated 2 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆58Updated 6 months ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆60Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆47Updated 2 years ago
- Titan: A generic user defined reflective DLL for Cobalt Strike☆77Updated 2 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆59Updated 2 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆35Updated 5 months ago
- Sliver agent rewritten in C++☆48Updated 11 months ago
- BypassCredGuard CS BOF☆45Updated 7 months ago
- CVE-2024-40711-exp☆42Updated 10 months ago
- A SigFlip implement in golang☆47Updated 3 years ago
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆85Updated 2 years ago