Bl4ckM1rror / ZombieThread

Related projects: ⓘ

• D1rkMtr / FileLessRemoteShellcode
  ☆138Updated this week
• georgesotiriadis / MalwareDev
  ☆82Updated 2 years ago
• NUL0x4C / NoRunPI
  Run Your Payload Without Running Your Payload
  ☆174Updated last year
• winsecurity / Offensive-C-Sharp
  ☆159Updated last year
• Octoberfest7 / BeatRev
  POC for frustrating/defeating Malware Analysts
  ☆149Updated 2 years ago
• D1rkMtr / RecyclePersist
  ☆96Updated this week
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆128Updated last year
• rootshooter / shellcoder
  Shellcode generation and encoding utility
  ☆21Updated 2 years ago
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆141Updated last year
• rootshooter / osep-code-dump-2022
  Code dump from PEN-300/OSEP updated 2022
  ☆39Updated 2 years ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated last year
• ghostpepper108 / Evasion
  ☆105Updated last year
• improsec / BackupOperatorToolkit
  The BackupOperatorToolkit contains different techniques allowing you to escalate from Backup Operator to Domain Admin
  ☆164Updated last year
• trevorsaudi / Mshikaki
  A shellcode injection tool showcasing various process injection techniques
  ☆133Updated 9 months ago
• Mr-Un1k0d3r / AMSI-ETW-Patch
  Patch AMSI and ETW
  ☆227Updated 4 months ago
• kleiton0x00 / RemoteShellcodeExec
  Execute shellcode from a remote-hosted bin file using Winhttp.
  ☆219Updated last year
• 0xTriboulet / Red_Team_Code_Snippets
  random code snippets, useful for getting started
  ☆108Updated 2 months ago
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆114Updated 2 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆72Updated 11 months ago
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆164Updated 8 months ago
• BeetleChunks / Obligato
  This project is an implant framework designed for long term persistent access to Windows machines.
  ☆109Updated 11 months ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated 9 months ago
• OccamsXor / Dragnmove
  Infect Shared Files In Memory for Lateral Movement
  ☆191Updated last year
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆144Updated 4 months ago
• CodeXTF2 / WindowSpy
  WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.
  ☆256Updated 10 months ago
• VirtualAlllocEx / Payload-Download-Cradles
  This are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR …
  ☆256Updated 2 years ago
• powerseb / PowerExtract
  ☆110Updated last year
• Diverto / IPPrintC2
  PoC for using MS Windows printers for persistence / command and control via Internet Printing
  ☆139Updated 4 months ago
• dievus / PowerShellRunner
  PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
  ☆41Updated 2 years ago
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆151Updated 8 months ago