This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built in Sleep() call. Most of the structure e.g. Sleep hook, shellcode exec etc. are taken from mgeeky's https://github.com/mgeeky/ShellcodeFluctuation.
☆36Jan 15, 2022Updated 4 years ago
Alternatives and similar repositories for BusySleepBeacon
Users that are interested in BusySleepBeacon are comparing it to the libraries listed below
Sorting:
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- Create Cobalt Strike malleable C2 profiles with HTTPS configs☆18May 23, 2020Updated 5 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 2 years ago
- Windows internals and exploitation tricks☆112Nov 9, 2025Updated 3 months ago
- 横向移动三剑客 ( Lateral movement tools)☆30Nov 16, 2021Updated 4 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- 看起来叫BabyBypass,实际啥都会记一些☆16Sep 10, 2023Updated 2 years ago
- C# code to Sandbox Defender (and most probably other AV/EDRs).☆167Apr 22, 2022Updated 3 years ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- User-mode part of Zerokit platform☆22Mar 30, 2019Updated 6 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆109May 27, 2021Updated 4 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- Artemis - C++ Hell's Gate Syscall Implementation☆34Aug 16, 2023Updated 2 years ago
- A poc that abuses Enclave☆40Sep 8, 2022Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆498Feb 3, 2022Updated 4 years ago
- ☆208Apr 5, 2022Updated 3 years ago
- Bringing Shikata ga nai to the front html☆23Apr 28, 2022Updated 3 years ago
- Reimplement CreateProcessInternalW via Windows 10 20H1+/Windows 11 Base on NtCreateUserProcess-Post☆80Sep 2, 2024Updated last year
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- ☆274Jan 14, 2023Updated 3 years ago
- ☆46Dec 5, 2023Updated 2 years ago
- Collection of extracted Microsoft Defender data for security research purposes☆233Jun 23, 2022Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆312Nov 29, 2023Updated 2 years ago
- ☆38Nov 30, 2022Updated 3 years ago
- Aims to identify sleeping beacons☆662Jan 25, 2026Updated last month
- A Poc on blocking Procmon from monitoring network events☆111Aug 7, 2025Updated 6 months ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Nov 26, 2021Updated 4 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- ☆11Sep 30, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- a component of red teaming for generate route map.☆11Aug 30, 2024Updated last year
- Here i will upload every prynt stealer stub source code and you will discover that is stormkitty 0_0 (I didnt buy anything from prynt whi…☆11Jan 8, 2023Updated 3 years ago
- Various shellcodes☆12Sep 1, 2020Updated 5 years ago