ChaitanyaHaritash / Callback_Shellcode_Injection
POCs for Shellcode Injection via Callbacks
☆406Updated 4 years ago
Alternatives and similar repositories for Callback_Shellcode_Injection:
Users that are interested in Callback_Shellcode_Injection are comparing it to the libraries listed below
- X86 version of syswhispers2 / x86 direct system call☆325Updated 4 years ago
- A little tool to play with the Seclogon service☆312Updated 2 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆657Updated last year
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆207Updated 2 years ago
- Collection of Beacon Object Files☆583Updated 2 years ago
- A protective and Low Level Shellcode Loader that defeats modern EDR systems.☆902Updated last year
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆471Updated 2 years ago
- PIC lsass dumper using cloned handles☆583Updated 2 years ago
- Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…☆225Updated last year
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆314Updated 7 months ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆348Updated 2 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆709Updated 7 months ago
- Open repository for learning dynamic shellcode loading (sample in many programming languages)☆244Updated 3 months ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆280Updated 2 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆449Updated last year
- TartarusGate, Bypassing EDRs☆580Updated 3 years ago
- Misc TaskScheduler Plays☆232Updated 2 years ago
- A Nim implementation of reflective PE-Loading from memory☆278Updated 7 months ago
- C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…☆517Updated 3 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆377Updated 2 years ago
- Load/Inject .NET assemblies by; reusing the host (spawnto) process loaded CLR AppDomainManager, Stomping Loader/.NET assembly PE DOS head…☆578Updated 3 years ago
- Cobalt Strike Shellcode Generator☆654Updated 3 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆926Updated 10 months ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)☆315Updated 3 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆710Updated 3 years ago
- An implementation and proof-of-concept of Process Forking.☆226Updated 3 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆304Updated 3 years ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆356Updated 2 years ago
- not a reverse-engineered version of the Cobalt Strike Beacon☆357Updated last year
- A PoC implementation for dynamically masking call stacks with timers.☆272Updated 2 years ago