Windows Thread Pool Injection Havoc Implementation
☆34Mar 23, 2024Updated 2 years ago
Alternatives and similar repositories for havoc-PoolParty
Users that are interested in havoc-PoolParty are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- Beacon Object File (BOF) for Windows Session Hijacking via IHxHelpPaneServer COM☆68Dec 25, 2025Updated 4 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Dec 16, 2023Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆449Dec 21, 2023Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆191Jan 17, 2026Updated 3 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Process hunting Toolkit is toolkit capable of hunting down malicious processes on Windows☆14Jan 31, 2025Updated last year
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- ☆62Jan 9, 2023Updated 3 years ago
- early cascade injection PoC based on Outflanks blog post☆241Nov 7, 2024Updated last year
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆78Dec 23, 2023Updated 2 years ago
- this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)☆84Dec 20, 2023Updated 2 years ago
- ☆14Sep 26, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A simple BOF (Beacon Object File) to search files in the system☆16Dec 2, 2023Updated 2 years ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 7 months ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆117Aug 21, 2024Updated last year
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- A Mythic agent for Windows written in C☆162Apr 9, 2026Updated 3 weeks ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆15Feb 29, 2024Updated 2 years ago
- A C# implementation that disables Windows Firewall bypassing UAC☆18Oct 23, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆63Nov 8, 2024Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- SafeCrypt is an academic ransomware simulation suite developed for Red Team engagements. It demonstrates modern malware techniques includ…☆34Oct 3, 2025Updated 6 months ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆139Dec 7, 2025Updated 4 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Dec 11, 2023Updated 2 years ago
- DFSCoerce exe revisited version with custom authentication☆43Jan 13, 2024Updated 2 years ago
- ☆147Oct 29, 2024Updated last year
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆128Dec 23, 2025Updated 4 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆200May 29, 2025Updated 11 months ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- Stage 0☆169Dec 18, 2024Updated last year
- ☆164Oct 25, 2023Updated 2 years ago
- The EMP Jammer is an innovative jamming device which jams the devices nearby by inducing an alternating voltage in it .☆13Jan 3, 2023Updated 3 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Feb 29, 2024Updated 2 years ago
- A straightforward tool for exploiting SMTP Smuggling vulnerabilities.☆14Jul 22, 2024Updated last year