APTortellini / DoH-StagerView external linksLinks
☆14Nov 29, 2021Updated 4 years ago
Alternatives and similar repositories for DoH-Stager
Users that are interested in DoH-Stager are comparing it to the libraries listed below
Sorting:
- ☆15Aug 17, 2023Updated 2 years ago
- ☆18Jul 4, 2019Updated 6 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆18Jan 3, 2022Updated 4 years ago
- A C++ syscall ID extractor for Windows. Developed, debugged and tested on 20H2.☆21May 25, 2021Updated 4 years ago
- ☆24May 28, 2021Updated 4 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- A simple PE loader.☆27Dec 9, 2022Updated 3 years ago
- ☆12Aug 10, 2019Updated 6 years ago
- Swift code to parse the quarantine history database, Chrome history database, Safari history database, and Firefox history database on ma…☆15Dec 3, 2020Updated 5 years ago
- Ready-to-use headers for Windows Kernel SSDT indices☆11Apr 12, 2020Updated 5 years ago
- Remote PE reflective injection with a simple reflective loader☆32Jun 28, 2019Updated 6 years ago
- Various implementations for C# in memory execution. Assembly.Load() Assembly.LoadFile() AppDomain.ExecuteAssembly()☆35Feb 10, 2021Updated 5 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 3 years ago
- Modify data structures in the Windows kernel, hiding processes by PID☆16Oct 29, 2017Updated 8 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process.☆16Nov 23, 2021Updated 4 years ago
- Dynamic Callbacks can be used for re-establishing communication with C2 infrastructure and for achieving persistence by using different m…☆15Oct 17, 2018Updated 7 years ago
- Protected Process Light Library☆18Jun 20, 2020Updated 5 years ago
- x64 Windows privilege elevation using anycall☆22May 28, 2021Updated 4 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 4 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Jan 1, 2022Updated 4 years ago
- Just another useless C2 occupying space in some HDD somewhere.☆21Jul 4, 2023Updated 2 years ago
- ☆15Aug 23, 2020Updated 5 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆50Sep 27, 2025Updated 4 months ago
- Manually perform syscalls without going through any external API or DLL.☆19Apr 19, 2023Updated 2 years ago
- An auto-scoring capture-the-flag game focusing on TOCTOU vulnerabilities☆21Oct 28, 2020Updated 5 years ago
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- Sukoshi is a proof-of-concept Python/C++ implant that leverages the MQTT protocol for C2 and uses AWS IoT Core as infrastructure.☆47Mar 26, 2022Updated 3 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆41Sep 3, 2020Updated 5 years ago
- ☆18Feb 14, 2019Updated 6 years ago
- An azure devops tool for moar automation :D☆20Dec 8, 2022Updated 3 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 5 years ago