Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared library. Format inspired by @rasta-mouse's LibTP.
☆83Nov 6, 2025Updated 5 months ago
Alternatives and similar repositories for LibTPLoadLib
Users that are interested in LibTPLoadLib are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆40Nov 25, 2025Updated 5 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆103Oct 18, 2025Updated 6 months ago
- Beacon Object Files (BOFs) for Cobalt Strike and Havoc C2. Implementations of Active Directory attacks and post-exploitation techniques.☆114Jan 26, 2026Updated 3 months ago
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆96Jan 2, 2026Updated 3 months ago
- some leaked src code for known and unknown malwares☆23Aug 15, 2025Updated 8 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…☆69Feb 17, 2026Updated 2 months ago
- Templates for developing your own listeners and agents for AdaptixC2.☆49Feb 28, 2026Updated 2 months ago
- A large collection of blogs 🦐☆13Apr 12, 2025Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- Notion C2 Profile for Mythic☆45Mar 3, 2026Updated last month
- ☆37Jul 1, 2025Updated 9 months ago
- 7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal☆18Apr 17, 2021Updated 5 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated 11 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆133Jan 28, 2026Updated 3 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Shellcode injection using the Windows Debugging API☆178Jan 4, 2026Updated 3 months ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Demo of process injection, using Nt, direct syscall, etc.☆27Sep 29, 2021Updated 4 years ago
- Linux Process Injection via Seccomp Notifier☆94Dec 9, 2025Updated 4 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆157Nov 2, 2025Updated 5 months ago
- A different approach to writing BOFs in rust.☆21Aug 20, 2025Updated 8 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆217Aug 21, 2025Updated 8 months ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆68Dec 25, 2025Updated 4 months ago
- This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.☆51Jan 19, 2026Updated 3 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 5 months ago
- Finding Truth in the Shadows☆127Jan 26, 2023Updated 3 years ago
- A simple Sleepmask BOF example☆172Nov 24, 2025Updated 5 months ago
- BOF with Synthetic Stackframe☆244Oct 30, 2025Updated 5 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 3 months ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆45Aug 10, 2025Updated 8 months ago
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆296Feb 21, 2026Updated 2 months ago
- Proof-of-Concept to evade auditd by writing /proc/PID/mem☆26Aug 21, 2023Updated 2 years ago
- ☆109Oct 29, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- converts sRDI compatible dlls to shellcode☆38Jan 20, 2025Updated last year
- Sleep obfuscation☆273Dec 13, 2024Updated last year
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- One WSL BOF to rule them all☆175Jan 14, 2026Updated 3 months ago
- MacOS Shared Library to Shellcode Loader☆65Feb 23, 2026Updated 2 months ago
- ☆58Apr 20, 2026Updated last week
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆107Apr 22, 2026Updated last week