This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built in Sleep() call. Most of the structure e.g. Sleep hook, shellcode exec etc. are taken from mgeeky's https://github.com/mgeeky/ShellcodeFluctuation.
☆36Jan 15, 2022Updated 4 years ago
Alternatives and similar repositories for BusySleepBeacon
Users that are interested in BusySleepBeacon are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- Create Cobalt Strike malleable C2 profiles with HTTPS configs☆18May 23, 2020Updated 5 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆282Feb 24, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- PoC to self-delete a binary in C#☆36Feb 6, 2024Updated 2 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- C# code to Sandbox Defender (and most probably other AV/EDRs).☆167Apr 22, 2022Updated 3 years ago
- 横向移动三剑客 ( Lateral movement tools)☆30Nov 16, 2021Updated 4 years ago
- Artemis - C++ Hell's Gate Syscall Implementation☆34Aug 16, 2023Updated 2 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- 看起来叫BabyBypass,实际啥都会记一些☆16Sep 10, 2023Updated 2 years ago
- Cobalt Strike beacon object file implementation for trusted path UAC bypass. The target executable will be called without involving "cmd.…☆146Aug 16, 2021Updated 4 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆16Jan 7, 2023Updated 3 years ago
- Bringing Shikata ga nai to the front html☆24Apr 28, 2022Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆501Feb 3, 2022Updated 4 years ago
- Windows internals and exploitation tricks☆113Mar 28, 2026Updated last week
- ☆41Jul 10, 2023Updated 2 years ago
- Process injection via native Windows APIs (NTAPIs)☆15Jan 16, 2024Updated 2 years ago
- Aggressor Notification Scripts for cobaltstrike via slack & discord☆14Nov 27, 2025Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- ☆277Jan 14, 2023Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- DUQU MALWARE SOURCE + BINARY + More coming☆14Feb 6, 2023Updated 3 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆67May 2, 2023Updated 2 years ago
- ☆46Dec 5, 2023Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021)☆108May 27, 2021Updated 4 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A Poc on blocking Procmon from monitoring network events☆111Aug 7, 2025Updated 8 months ago
- Pass the Hash to a named pipe for token Impersonation☆310Nov 29, 2023Updated 2 years ago
- Collection of extracted Microsoft Defender data for security research purposes☆236Jun 23, 2022Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆34Sep 15, 2022Updated 3 years ago
- Manually perform syscalls without going through any external API or DLL.☆19Apr 19, 2023Updated 2 years ago
- Self-Loading Registration Free COM Functions☆11Nov 12, 2019Updated 6 years ago
- tgtdelegation is a Beacon Object File (BOF) to obtain a usable TGT via the "TGT delegation trick"☆178Nov 26, 2021Updated 4 years ago