NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
☆59Jun 6, 2023Updated 3 years ago
Alternatives and similar repositories for NativePayload_PE1
Users that are interested in NativePayload_PE1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆75Feb 11, 2024Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆231Oct 8, 2024Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆14Feb 8, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Red Team Operation's Defense Evasion Technique.☆55Jun 4, 2024Updated 2 years ago
- Exploring in-memory execution of .NET☆140Apr 20, 2022Updated 4 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆66May 1, 2023Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆87Mar 19, 2023Updated 3 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆699Updated this week
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 3 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 3 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆205Aug 2, 2023Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 4 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 4 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆29Jan 4, 2024Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆723Mar 4, 2023Updated 3 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆192Jun 30, 2023Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆307Aug 2, 2023Updated 2 years ago
- NTDLL unhooking via Parun's Fart technique to bypass EDR userland hooks☆75Feb 15, 2023Updated 3 years ago
- Terminate AV/EDR Processes using kernel driver☆353Jun 12, 2023Updated 3 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated 5 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆224Mar 10, 2024Updated 2 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆23Nov 20, 2022Updated 3 years ago
- ☆15Nov 19, 2023Updated 2 years ago
- Amsi Bypass payload that works on Windwos 11☆380Jul 30, 2023Updated 2 years ago
- use shellcode as asm function☆22Mar 29, 2022Updated 4 years ago
- Windows Access token manipulation tool made in C#☆25Aug 24, 2025Updated 9 months ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆444Aug 2, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆112Apr 14, 2023Updated 3 years ago
- 基于Tinynuke修复得到的HVNC☆197Sep 4, 2021Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆241Jan 4, 2023Updated 3 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆326Jan 31, 2023Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆40Dec 31, 2020Updated 5 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆89Apr 11, 2023Updated 3 years ago
- PoC-Malware-TTPs☆48Mar 26, 2023Updated 3 years ago