BeetleChunks / Obligato
This project is an implant framework designed for long term persistent access to Windows machines.
☆110 Updated last year
Related projects
Alternatives and complementary repositories for Obligato
- ☆126 Updated 3 months ago
- Construct the payload at runtime using an array of offsets ☆58 Updated 5 months ago
- A bunch of scripts and code I wrote. ☆131 Updated 2 weeks ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆209 Updated 2 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg ☆47 Updated 8 months ago
- ☆175 Updated 11 months ago
- ☆118 Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆145 Updated 11 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity) ☆46 Updated 6 months ago
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust ☆82 Updated 7 months ago
- ☆133 Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution ☆145 Updated 3 weeks ago
- Find DLLs with RWX section ☆75 Updated last year
- Just another C2 Redirector using CloudFlare. ☆78 Updated 6 months ago
- ☆105 Updated last year
- Splitting and executing shellcode across multiple pages ☆99 Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. ☆81 Updated 5 months ago
- ☆117 Updated 2 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in C that loads a module into the target process and stomps it, an… ☆174 Updated last year
- Do some DLL SideLoading magic ☆75 Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi! ☆80 Updated 4 months ago
- An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls ☆103 Updated 2 months ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype… ☆108 Updated last year
- Your syscall factory ☆121 Updated 2 months ago
- Tool for playing with Windows Access Token manipulation. ☆51 Updated last year
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge … ☆163 Updated last year
- Lateral Movement via the .NET Profiler ☆76 Updated 5 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism. ☆91 Updated last year