BeetleChunks / ObligatoLinks
This project is an implant framework designed for long term persistent access to Windows machines.
☆110Updated last year
Alternatives and similar repositories for Obligato
Users that are interested in Obligato are comparing it to the libraries listed below
Sorting:
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆107Updated 2 years ago
- Do some DLL SideLoading magic☆83Updated last year
- Simple BOF to read the protection level of a process☆114Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆116Updated last year
- Find DLLs with RWX section☆81Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 11 months ago
- ☆124Updated last year
- ☆136Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆90Updated 11 months ago
- ☆151Updated last year
- Construct the payload at runtime using an array of offsets☆63Updated 11 months ago
- ☆184Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆264Updated 8 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆97Updated last year
- Your syscall factory☆123Updated last week
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆165Updated 2 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated last year
- ☆122Updated last year
- I have documented all of the AMSI patches that I learned till now☆72Updated 2 months ago
- Windows Thread Pool Injection Havoc Implementation☆29Updated last year
- Malware?☆70Updated 7 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆95Updated 2 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- ☆106Updated 4 months ago
- ☆119Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 2 months ago
- ☆110Updated 6 months ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Updated last year