DamonMohammadbagher / NativePayload_PE1View external linksLinks
NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing RWX to X or RX or (both) [Bypassing AVs]
☆59Jun 6, 2023Updated 2 years ago
Alternatives and similar repositories for NativePayload_PE1
Users that are interested in NativePayload_PE1 are comparing it to the libraries listed below
Sorting:
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- C# loader capable of running stage-1 from remote url, file path as well as file share☆15Feb 8, 2023Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Mar 4, 2023Updated 2 years ago
- All my Source Codes (Repos) for Red-Teaming & Pentesting + Blue Teaming☆234Oct 8, 2024Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆56Jun 4, 2024Updated last year
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 2 years ago
- Spring Cloud Gateway Actuator API SpEL Code Injection (CVE-2022-22947)☆11Apr 15, 2022Updated 3 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆66May 1, 2023Updated 2 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated 3 weeks ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆671Aug 15, 2025Updated 5 months ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Exploring in-memory execution of .NET☆138Apr 20, 2022Updated 3 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- Amsi Bypass payload that works on Windwos 11☆377Jul 30, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- Just another ntdll unhooking using Parun's Fart technique☆76Feb 15, 2023Updated 2 years ago
- Laz-y project compatible C# templates for shellcode injection.☆20May 1, 2022Updated 3 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 2 years ago
- ☆222Mar 10, 2024Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆202Aug 2, 2023Updated 2 years ago
- Windows Access token manipulation tool made in C#☆24Aug 24, 2025Updated 5 months ago
- ☆15Nov 19, 2023Updated 2 years ago
- A C# port of the MinHook API hooking library☆56Oct 5, 2022Updated 3 years ago
- PoC-Malware-TTPs☆49Mar 26, 2023Updated 2 years ago
- Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io☆89Dec 2, 2025Updated 2 months ago
- Terminate AV/EDR Processes using kernel driver☆352Jun 12, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆447Jan 25, 2023Updated 3 years ago
- ☆563Feb 22, 2024Updated last year
- 基于Tinynuke修复得到的HVNC☆188Sep 4, 2021Updated 4 years ago
- Windows x64 kernel mode rootkit process hollowing POC.☆189Jun 30, 2023Updated 2 years ago
- ☆35Nov 16, 2023Updated 2 years ago
- C++ self-Injecting dropper based on various EDR evasion techniques.☆425Feb 11, 2024Updated 2 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆61Aug 31, 2022Updated 3 years ago
- A tool to find folders excluded from AV real-time scanning using a time oracle☆234Feb 13, 2024Updated 2 years ago
- You shall pass☆271Jul 16, 2022Updated 3 years ago