BlackSnufkin / HolyGrail
BYOVD hunter to help prioritize Windows drivers worth manual analysis
☆74 · Aug 19, 2025 · Updated 5 months ago
Alternatives and similar repositories for HolyGrail
Users that are interested in HolyGrail are comparing it to the libraries listed below
- 🛠️ Explore custom C2 TTPs with Aether-C2-Framework, focusing on lightweight Rust implants and stealthy transport stacks to reduce forens… ☆18 · Updated this week
- Alternative Read and Write primitives using Rtl* functions the unintended way. ☆78 · Aug 25, 2025 · Updated 5 months ago
- That's it! An Open-Source Windows UEFI Rootkit ☆28 · Jul 19, 2025 · Updated 6 months ago
- String encryption in Nim ☆20 · Jun 15, 2024 · Updated last year
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut… ☆64 · Mar 1, 2025 · Updated 11 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing. ☆57 · Apr 14, 2025 · Updated 10 months ago
- Structured CSVs and table schemas extracted from the 29-April-2025 LockBit affiliate-panel database leak. ☆28 · May 8, 2025 · Updated 9 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit… ☆59 · Mar 17, 2025 · Updated 10 months ago
- Collection of red team techniques. ☆66 · Apr 25, 2025 · Updated 9 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash. ☆62 · Feb 25, 2025 · Updated 11 months ago
- Cross Compatible Command and Control ☆47 · Dec 18, 2025 · Updated last month
- Mythic C2 wrapper for NimSyscallPacker ☆25 · Mar 12, 2025 · Updated 11 months ago
- StealthGuardian is a middleware layer that can be combined with adversary simulation tools to verify the resistance, detection level and… ☆20 · Aug 7, 2024 · Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory. ☆28 · Jun 14, 2024 · Updated last year
- A cross platform C2/post-exploitation framework ☆55 · Nov 2, 2025 · Updated 3 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3 ☆74 · Jan 3, 2025 · Updated last year
- A demo module for the kaine agent to execute and inject assembly modules ☆41 · Aug 28, 2024 · Updated last year
- A REALLY Dangerous Windows Driver, Turn Any Thread Ring0! ☆13 · Aug 11, 2025 · Updated 6 months ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner) ☆13 · Dec 1, 2025 · Updated 2 months ago
- A C# implementation that disables Windows Firewall bypassing UAC ☆17 · Oct 23, 2024 · Updated last year
- ☆20 · Sep 6, 2025 · Updated 5 months ago
- Proxy function calls through the thread pool with ease ☆31 · Feb 27, 2025 · Updated 11 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects ☆135 · Apr 6, 2025 · Updated 10 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆42 · Apr 6, 2025 · Updated 10 months ago
- Static Encrypt is a crate that encrypts string literals at compile time and only decrypts them at runtime when needed. ☆55 · Jan 17, 2026 · Updated 3 weeks ago
- Use Rust to implement some Red Team techniques :) ☆13 · Nov 11, 2024 · Updated last year
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom… ☆36 · Jan 13, 2026 · Updated last month
- A different approach to writing BOFs in Rust. ☆18 · Aug 20, 2025 · Updated 5 months ago
- A cmake template for crystal palace ☆38 · Dec 20, 2025 · Updated last month
- CyberShield 2025 Intro to EDR Evasion Class ☆17 · Jun 3, 2025 · Updated 8 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. ☆22 · Dec 31, 2025 · Updated last month
- Dump protected files (SAM,SYSTEM,SECURITY) by parsing the raw NTFS partition ☆32 · Nov 11, 2025 · Updated 3 months ago
- fast-scanner can make it easy for you to develop scanners ☆12 · Jun 8, 2020 · Updated 5 years ago
- Proof-of-concept implementation of AI-enabled postex DLLs ☆54 · Sep 10, 2025 · Updated 5 months ago
- Locate DLLs and function addresses without PEB Walk and EAT parsing ☆104 · Nov 7, 2025 · Updated 3 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor… ☆102 · Jan 9, 2026 · Updated last month
- Manage Shadow Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11 ☆81 · Jan 26, 2026 · Updated 2 weeks ago
- Find jmp gadgets for call stack spoofing. ☆75 · Oct 1, 2025 · Updated 4 months ago
- A PowerShell console in C/C++ with all the security features disabled ☆341 · Oct 14, 2025 · Updated 4 months ago