Cipher7 / ChaiLdr

Related projects: ⓘ

• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆144Updated 4 months ago
• Flangvik / ObfuscatedSharpCollection
  Attempt at Obfuscated version of SharpCollection
  ☆188Updated this week
• MzHmO / NtlmThief
  Extracting NetNTLM without touching lsass.exe
  ☆223Updated 9 months ago
• mertdas / PrivKit
  PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.
  ☆365Updated 3 months ago
• zyn3rgy / smbtakeover
  BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
  ☆242Updated last month
• WKL-Sec / GregsBestFriend
  GregsBestFriend process injection code created from the White Knight Labs Offensive Development course
  ☆171Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆164Updated 8 months ago
• icyguider / LatLoader
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆266Updated 9 months ago
• ricardojoserf / TrickDump
  Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!
  ☆277Updated this week
• RedefiningReality / Cobalt-Strike
  Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
  ☆233Updated 4 months ago
• TunnelGRE / Percino
  Evasive Golang Loader
  ☆129Updated last month
• RalfHacker / Kerbeus-BOF
  BOF for Kerberos abuse (an implementation of some important features of the Rubeus).
  ☆381Updated 9 months ago
• rasta-mouse / OST-C2-Spec
  Open Source C&C Specification
  ☆215Updated last month
• SaadAhla / GithubC2
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆128Updated last year
• Tylous / Freeze.rs
  Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST
  ☆156Updated 11 months ago
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆188Updated last year
• mertdas / SharpTerminator
  Terminate AV/EDR Processes using kernel driver
  ☆306Updated last year
• WKL-Sec / dcomhijack
  Lateral Movement Using DCOM and DLL Hijacking
  ☆262Updated last year
• MrEmpy / Reaper
  「💀」Proof of concept on BYOVD attack
  ☆147Updated 6 months ago
• Helixo32 / NimBlackout
  Kill AV/EDR leveraging BYOVD attack
  ☆301Updated last year
• MzHmO / LeakedWallpaper
  Leak of any user's NetNTLM hash. Fixed in KB5040434
  ☆214Updated last month
• RtlDallas / Jomungand
  ☆238Updated this week
• 0xsp-SRD / MDE_Enum
  comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…
  ☆193Updated 3 months ago
• ricardojoserf / WhoamiAlternatives
  Different methods to get current username without using whoami
  ☆170Updated 7 months ago
• florylsk / ExecIT
  Execute shellcode files with rundll32
  ☆171Updated 7 months ago
• Zerx0r / dvenom
  🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.
  ☆155Updated last year
• EvilGreys / Cobalt-Strike-Profiles-for-EDR-Evasion
  ☆161Updated this week
• 0xEr3bus / PoolPartyBof
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆313Updated 8 months ago
• V-i-x-x / AMSI-BYPASS
  "AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS
  ☆176Updated 4 months ago
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆227Updated 5 months ago