NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
☆59Jun 6, 2023Updated 2 years ago
Alternatives and similar repositories for NativePayload_PE1
Users that are interested in NativePayload_PE1 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆72Feb 11, 2024Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 3 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆233Oct 8, 2024Updated last year
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Feb 8, 2023Updated 3 years ago
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Red Team Operation's Defense Evasion Technique.☆56Jun 4, 2024Updated last year
- Exploring in-memory execution of .NET☆137Apr 20, 2022Updated 3 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆681Aug 15, 2025Updated 7 months ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆203Aug 2, 2023Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 3 years ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆715Mar 4, 2023Updated 3 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆190Jun 30, 2023Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique☆76Feb 15, 2023Updated 3 years ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated 2 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆223Mar 10, 2024Updated 2 years ago
- A C# port of the MinHook API hooking library☆55Oct 5, 2022Updated 3 years ago
- Some of the techniques used in Malware Windows - Persistence(Registry HKCU,startup),Disable Windows Firewall,Disable Windows Defender☆23Nov 20, 2022Updated 3 years ago
- ☆15Nov 19, 2023Updated 2 years ago
- Amsi Bypass payload that works on Windwos 11☆379Jul 30, 2023Updated 2 years ago
- use shellcode as asm function☆23Mar 29, 2022Updated 3 years ago
- Windows Access token manipulation tool made in C#☆24Aug 24, 2025Updated 7 months ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆440Aug 2, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Convert VBS file to EXE☆17May 17, 2025Updated 10 months ago
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆111Apr 14, 2023Updated 2 years ago
- 基于Tinynuke修复得到的HVNC☆191Sep 4, 2021Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆242Jan 4, 2023Updated 3 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆327Jan 31, 2023Updated 3 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago