Dump-GUY / EXE-or-DLL-or-ShellCode

Related projects ⓘ

Alternatives and complementary repositories for EXE-or-DLL-or-ShellCode

• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆142Updated 2 months ago
• senzee1984 / InflativeLoading
  Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.
  ☆266Updated 7 months ago
• praetorian-inc / goffloader
  A Go implementation of Cobalt Strike style BOF/COFF loaders.
  ☆179Updated 2 months ago
• mertdas / SharpIncrease
  A Tool that aims to evade av with binary padding
  ☆135Updated 4 months ago
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆105Updated 4 months ago
• 0xEr3bus / RdpStrike
  Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
  ☆227Updated 5 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆154Updated 2 months ago
• sokaRepo / CoercedPotatoRDLL
  Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege
  ☆200Updated 11 months ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆278Updated last year
• MalwareTech / EDRception
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆171Updated 10 months ago
• 0xEr3bus / PoolPartyBof
  A beacon object file implementation of PoolParty Process Injection Technique.
  ☆324Updated 11 months ago
• trickster0 / NamelessC2
  Nameless C2 - A C2 with all its components written in Rust
  ☆241Updated last month
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆146Updated 2 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆145Updated 3 weeks ago
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆164Updated 8 months ago
• Offensive-Panda / RWX_MEMEORY_HUNT_AND_INJECTION_DV
  Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.
  ☆243Updated 5 months ago
• BlackSnufkin / BYOVD
  Some POCs for my BYOVD research and find some vulnerable drivers
  ☆126Updated 2 months ago
• florylsk / SignatureGate
  Weaponized HellsGate/SigFlip
  ☆194Updated last year
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆85Updated 8 months ago
• EvilBytecode / EDR-XDR-AV-Killer
  Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
  ☆241Updated 4 months ago
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆148Updated 5 months ago
• cpu0x00 / Ghost
  Evasive shellcode loader
  ☆269Updated last month
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• oh-az / NoArgs
  NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…
  ☆147Updated 6 months ago
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆141Updated last week
• Offensive-Panda / LsassReflectDumping
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆163Updated last month
• senzee1984 / MutationGate
  Use hardware breakpoint to dynamically change SSN in run-time
  ☆234Updated 7 months ago