A Simple PoC
☆22May 24, 2024Updated last year
Alternatives and similar repositories for ThreadlessSpawn
Users that are interested in ThreadlessSpawn are comparing it to the libraries listed below
Sorting:
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- ☆29May 10, 2024Updated last year
- C# API for Nidhogg rootkit☆21Apr 25, 2024Updated last year
- Golang tool designed to exfiltrate passwords found via the sshd and su services☆26Nov 23, 2025Updated 3 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆108Jan 3, 2021Updated 5 years ago
- AV/EDR killer using BYOVD technique☆43Sep 27, 2024Updated last year
- ☆37Feb 11, 2023Updated 3 years ago
- Rust 重构的 sRDI☆17Sep 9, 2024Updated last year
- A runtime for developing large-scale and complex shellcode.☆22Feb 15, 2026Updated last week
- A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++☆37Jan 10, 2024Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- 看雪 LLVM与代码混淆技术 笔记☆23Aug 31, 2023Updated 2 years ago
- A command and control framework.☆54Dec 26, 2024Updated last year
- LOCAL AND REMOTE HOOK msv1_0!SpAcceptCredentials from LSASS.exe and DUMP DOMAIN/LOGIN/PASSWORD IN CLEARTEXT to text file.☆123Jan 27, 2020Updated 6 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Dec 23, 2023Updated 2 years ago
- CobaltStrike beacon in rust☆208Aug 10, 2024Updated last year
- Shellcode Reductio Entropy Tools☆74Oct 8, 2023Updated 2 years ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated last year
- Sliver agent rewritten in C++☆49Sep 4, 2024Updated last year
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆65Jul 29, 2023Updated 2 years ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Exploitation of process killer drivers☆202Oct 17, 2023Updated 2 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Former UEFI Firmware Rootkit Replicating MoonBounce / ESPECTRE☆11Jun 14, 2022Updated 3 years ago
- ☆17Jan 12, 2026Updated last month
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆201May 28, 2024Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆54Feb 29, 2024Updated 2 years ago
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆52May 8, 2024Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54May 12, 2025Updated 9 months ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- go实现windows计划任务管理,过杀软☆13Aug 26, 2021Updated 4 years ago