Cipher7 / havoc-PoolPartyLinks
Windows Thread Pool Injection Havoc Implementation
☆32Updated last year
Alternatives and similar repositories for havoc-PoolParty
Users that are interested in havoc-PoolParty are comparing it to the libraries listed below
Sorting:
- A python script that automates a C2 Profile build☆43Updated 5 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- Modern PIC implant for Windows (64 & 32 bit)☆102Updated last month
- Lateral Movement via the .NET Profiler☆82Updated 9 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆49Updated 3 months ago
- ☆110Updated 6 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆63Updated last year
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆95Updated 10 months ago
- Impersonate Tokens using only NTAPI functions☆79Updated 4 months ago
- ☆53Updated 2 months ago
- Local SYSTEM auth trigger for relaying - X☆136Updated last month
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆97Updated last month
- Rewrite to fit my needs☆30Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated last year
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆38Updated 4 months ago
- in-process powershell runner for BRC4☆47Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 5 months ago
- ☆59Updated last year
- Proxy function calls through the thread pool with ease☆28Updated 6 months ago
- Sniffing files generator☆59Updated 6 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Find DLLs with RWX section☆81Updated 2 years ago
- Cortex EDR Ransomware protection Bypass☆25Updated 6 months ago
- ☆133Updated 6 months ago
- Threadless shellcode injection tool☆66Updated last year
- BOF for C2 framework☆42Updated 9 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year