D3Ext / Hooka
Shellcode loader generator with multiples features
☆218Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for Hooka
- Go shellcode loader that combines multiple evasion techniques☆352Updated last year
- shellcode loader for your evasion needs☆262Updated this week
- Execute shellcode files with rundll32☆181Updated 9 months ago
- KittyStager is a simple stage 0 C2. It is made of a web server to host the shellcode and an implant, called kitten. The purpose of this p…☆213Updated last year
- Shaco is a linux agent for havoc☆145Updated last year
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆302Updated last year
- Terminate AV/EDR Processes using kernel driver☆336Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆405Updated 8 months ago
- Some POCs for my BYOVD research and find some vulnerable drivers☆122Updated last month
- Evasive shellcode loader☆234Updated 3 weeks ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver☆241Updated 4 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆321Updated 10 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆168Updated 10 months ago
- Evasive Golang Loader☆130Updated 3 months ago
- transform your payload into ipv4/ipv6/mac arrays☆149Updated 2 years ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆275Updated 3 months ago
- A BOF to automate common persistence tasks for red teamers☆267Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆265Updated 6 months ago
- Extract and execute a PE embedded within a PNG file using an LNK file.☆208Updated last week
- Fileless atexec, no more need for port 445☆325Updated 7 months ago
- 「💀」Proof of concept on BYOVD attack☆147Updated 8 months ago
- indirect syscalls for AV/EDR evasion in Go assembly☆307Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆224Updated last year
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆298Updated last year
- Awesome AV/EDR/XDR Bypass Tips☆249Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆227Updated 4 months ago
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆167Updated last month
- A Tool that aims to evade av with binary padding☆135Updated 4 months ago