Cobalt-Strike / sleepmask-vs
A simple Sleepmask BOF example
☆93Updated 6 months ago
Alternatives and similar repositories for sleepmask-vs:
Users that are interested in sleepmask-vs are comparing it to the libraries listed below
- ☆47Updated 11 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆118Updated 2 years ago
- CSharp reimplementation of Venoma, another C++ Cobalt Strike beacon dropper with custom indirect syscalls execution☆42Updated 11 months ago
- ☆79Updated last year
- A Mythic agent for Windows written in C☆101Updated this week
- Execute shellcode via Bluetooth device authentication☆34Updated last month
- TypeLib persistence technique☆108Updated 5 months ago
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆81Updated 2 years ago
- ApexLdr is a DLL Payload Loader written in C☆109Updated 8 months ago
- Winsocket for Cobalt Strike.☆97Updated last year
- ☆140Updated last year
- ☆154Updated last year
- ☆125Updated 6 months ago
- A Tool that aims to evade av with binary padding☆147Updated 8 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆226Updated last year
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Updated last year
- ☆68Updated last year
- A C# port from Invoke-GhostTask☆113Updated last year
- Implementation of Indirect Syscall technique to pop a calc.exe☆100Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆106Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆82Updated this week
- Port of Cobalt Strike's Process Inject Kit☆171Updated 3 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- Library of BOFs to interact with SQL servers☆160Updated 3 months ago
- Fuegoshell is a powershell oneliner generator for Windows remote shell re-using TCP 445☆42Updated 10 months ago
- ☆237Updated last year
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆130Updated 2 years ago
- A Beacon Object File (BOF) template for Visual Studio☆177Updated last week
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆71Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆238Updated 9 months ago