Andy53 / ERC.Xdbg

Related projects: ⓘ

• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆240Updated 3 years ago
• trickster0 / TartarusGate
  TartarusGate, Bypassing EDRs
  ☆519Updated 2 years ago
• VoidSec / Exploit-Development
  Exploit Development - Weaponized Exploit and Proof of Concepts (PoC)
  ☆213Updated last year
• ycdxsb / WindowsPrivilegeEscalation
  Collection of Windows Privilege Escalation (Analyse/PoC/Exp...)
  ☆298Updated last year
• hasherezade / process_ghosting
  Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…
  ☆627Updated 6 months ago
• rajiv2790 / FalconEye
  ☆288Updated 3 years ago
• connormcgarr / Exploit-Development
  ☆293Updated 2 years ago
• Dec0ne / HWSyscalls
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆597Updated last year
• lab52io / LeakedHandlesFinder
  Leaked Windows processes handles identification tool
  ☆268Updated 2 years ago
• plackyhacker / Shellcode-Injection-Techniques
  A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this proje…
  ☆446Updated 2 years ago
• itm4n / PPLdump
  Dump the memory of a PPL with a userland exploit
  ☆839Updated 2 years ago
• deepinstinct / Dirty-Vanity
  A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…
  ☆612Updated last year
• hasherezade / process_overwriting
  Yet another variant of Process Hollowing
  ☆349Updated 6 months ago
• wietze / windows-dll-hijacking
  Project for identifying executables and DLLs vulnerable to relative path DLL hijacking.
  ☆435Updated 4 months ago
• Bw3ll / sharem
  SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…
  ☆334Updated this week
• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆162Updated 6 years ago
• xuanxuan0 / DripLoader
  Evasive shellcode loader for bypassing event-based injection detection (PoC)
  ☆701Updated 3 years ago
• OALabs / BlobRunner
  Quickly debug shellcode extracted during malware analysis
  ☆547Updated last year
• med0x2e / ExecuteAssembly
  Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…
  ☆536Updated 3 years ago
• r3p3r / nixawk-awesome-windows-exploitation
  ☆173Updated 6 years ago
• am0nsec / HellsGate
  Original C Implementation of the Hell's Gate VX Technique
  ☆934Updated 3 years ago
• ethereal-vx / Antivirus-Artifacts
  Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.
  ☆722Updated 2 years ago
• Cracked5pider / Ekko
  Sleep Obfuscation
  ☆661Updated 9 months ago
• tbhaxor / WinAPI-RedBlue
  Source code of exploiting windows API for red teaming series
  ☆146Updated last year
• Cracked5pider / KaynLdr
  KaynLdr is a Reflective Loader written in C/ASM
  ☆514Updated 9 months ago
• tandasat / ExploitCapcom
  This is a standalone exploit for a vulnerable feature in Capcom.sys
  ☆280Updated 2 years ago
• forrest-orr / phantom-dll-hollower-poc
  Phantom DLL hollowing PoC
  ☆349Updated 2 years ago
• jacob-baines / concealed_position
  Bring your own print driver privilege escalation tool
  ☆241Updated 3 years ago
• shogunlab / building-c2-implants-in-cpp
  The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).
  ☆218Updated 2 months ago
• antonioCoco / Mapping-Injection
  Just another Windows Process Injection
  ☆387Updated 4 years ago