Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared library. Format inspired by @rasta-mouse's LibTP.
☆84Nov 6, 2025Updated 6 months ago
Alternatives and similar repositories for LibTPLoadLib
Users that are interested in LibTPLoadLib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆40Nov 25, 2025Updated 5 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆104Oct 18, 2025Updated 7 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆114Jan 26, 2026Updated 3 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆96Jan 2, 2026Updated 4 months ago
- some leaked src code for known and unknown malwares☆23Aug 15, 2025Updated 9 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…☆70Feb 17, 2026Updated 3 months ago
- Templates for developing your own listeners and agents for AdaptixC2.☆50Feb 28, 2026Updated 2 months ago
- Atomic test units for BOF execution☆57Apr 26, 2026Updated 3 weeks ago
- A large collection of blogs 🦐☆13Apr 12, 2025Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- Notion C2 Profile for Mythic☆46Apr 30, 2026Updated 2 weeks ago
- ☆37Jul 1, 2025Updated 10 months ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Apr 17, 2021Updated 5 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆134Jan 28, 2026Updated 3 months ago
- Shellcode injection using the Windows Debugging API☆177Jan 4, 2026Updated 4 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Demo of process injection, using Nt, direct syscall, etc.☆27Sep 29, 2021Updated 4 years ago
- Linux Process Injection via Seccomp Notifier☆96Dec 9, 2025Updated 5 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆159Nov 2, 2025Updated 6 months ago
- A different approach to writing BOFs in rust.☆21Aug 20, 2025Updated 8 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆68Dec 25, 2025Updated 4 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆224Aug 21, 2025Updated 8 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.☆51Jan 19, 2026Updated 4 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 6 months ago
- Finding Truth in the Shadows☆129Jan 26, 2023Updated 3 years ago
- BOF with Synthetic Stackframe☆247Oct 30, 2025Updated 6 months ago
- A simple Sleepmask BOF example☆173Nov 24, 2025Updated 5 months ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆46Aug 10, 2025Updated 9 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 4 months ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆25Aug 21, 2023Updated 2 years ago
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆295Feb 21, 2026Updated 2 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆109Oct 29, 2024Updated last year
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- Sleep obfuscation☆276Dec 13, 2024Updated last year
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- One WSL BOF to rule them all☆176Jan 14, 2026Updated 4 months ago
- MacOS Shared Library to Shellcode Loader☆67Feb 23, 2026Updated 2 months ago
- ☆68Apr 20, 2026Updated 3 weeks ago