NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
☆59Jun 6, 2023Updated 2 years ago
Alternatives and similar repositories for NativePayload_PE1
Users that are interested in NativePayload_PE1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆74Feb 11, 2024Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆232Oct 8, 2024Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Feb 8, 2023Updated 3 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Red Team Operation's Defense Evasion Technique.☆56Jun 4, 2024Updated last year
- Exploring in-memory execution of .NET☆138Apr 20, 2022Updated 3 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆685Aug 15, 2025Updated 8 months ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆204Aug 2, 2023Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 4 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆717Mar 4, 2023Updated 3 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆191Jun 30, 2023Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique☆76Feb 15, 2023Updated 3 years ago
- Terminate AV/EDR Processes using kernel driver☆354Jun 12, 2023Updated 2 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated 3 months ago
- Deploy open-source AI quickly and easily - Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ☆223Mar 10, 2024Updated 2 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- ☆15Nov 19, 2023Updated 2 years ago
- Amsi Bypass payload that works on Windwos 11☆379Jul 30, 2023Updated 2 years ago
- use shellcode as asm function☆23Mar 29, 2022Updated 4 years ago
- Windows Access token manipulation tool made in C#☆25Aug 24, 2025Updated 7 months ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆444Aug 2, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆445Jan 25, 2023Updated 3 years ago
- Convert VBS file to EXE☆17May 17, 2025Updated 10 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆110Apr 14, 2023Updated 3 years ago
- 基于Tinynuke修复得到的HVNC☆194Sep 4, 2021Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆243Jan 4, 2023Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆88Apr 11, 2023Updated 3 years ago
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago