CBLabresearch / ClematisLinks
PE to shellcode
☆251Updated 9 months ago
Alternatives and similar repositories for Clematis
Users that are interested in Clematis are comparing it to the libraries listed below
Sorting:
- beta☆119Updated last year
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆287Updated 5 months ago
- Process injection alternative☆344Updated last year
- Open repository for learning dynamic shellcode loading (sample in many programming languages)☆268Updated 2 months ago
- A Tool that aims to evade av with binary padding☆155Updated last year
- Next Generation C2 Framework☆376Updated last week
- IoM implant, C2 Framework and Infrastructure☆221Updated last week
- C2 redirector base on caddy☆208Updated last year
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆200Updated 2 years ago
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆187Updated last year
- CPP AV/EDR Killer☆445Updated last year
- A Windows potato to privesc☆384Updated last year
- ShadeLoader is a shellcode loader designed to bypass most antivirus software. 壳代码, 杀毒软件, 绕过☆40Updated 4 months ago
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆391Updated 2 years ago
- ☆100Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆272Updated 6 months ago
- ☆244Updated 2 years ago
- A Beacon Object File (BOF) template for Visual Studio☆246Updated last month
- AdaptixFramework Extension Kit☆257Updated last week
- Binary Hollowing☆82Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆416Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆320Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆237Updated 7 months ago
- windows-rs shellcode loaders☆375Updated last year
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆195Updated 4 months ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆363Updated 2 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- rust远程shellcode加载, 过Microsoft Defender、360、火绒☆26Updated 9 months ago
- WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler☆128Updated 2 months ago
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆326Updated last year