ELMERIKH / BerylLinks
Payload Dropper with Persistance & Privesc & UAC bypass π±βπ€
β13Updated last year
Alternatives and similar repositories for Beryl
Users that are interested in Beryl are comparing it to the libraries listed below
Sorting:
- Execute Remote Assembly with args passing and with AMSI and ETW patchingβ11Updated 2 years ago
- CVE-2021-34527 AddPrinterDriverEx() Privilege Escalationβ20Updated 2 years ago
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.β12Updated 2 months ago
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I doβ¦β10Updated 2 months ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID stringsβ20Updated last year
- Malware development: persistence - part 1: startup folder registry keys. C++ implementationβ12Updated 3 years ago
- AV engines evasion for C++ simple malware part 1 source codeβ13Updated 2 years ago
- C# loader capable of running stage-1 from remote url, file path as well as file shareβ16Updated 2 years ago
- Find kernel32 base and API addresses. Simple C++ implementationβ24Updated 3 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe componentβ11Updated last year
- web based c2 π΄ββ οΈβ13Updated 11 months ago
- Just another Process Injection using Process Hollowing technique.β17Updated last year
- Process injection via KernelCallbackTableβ14Updated 3 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.β22Updated 3 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming anβ¦β31Updated 2 years ago
- π§ C# UAC Bypass technique using mock directories π§β28Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsingβ¦β22Updated 2 months ago
- β18Updated 7 months ago
- Parent Process ID Spoofing, coded in CGo.β22Updated 2 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.β19Updated 2 months ago
- Abusing autoElevate - Fully Undetectable UAC Bypass exploitβ11Updated 3 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded sβ¦β16Updated 3 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.β20Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)β20Updated 2 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellcβ¦β15Updated 3 years ago
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10β37Updated 2 years ago
- JALSI - Just Another Lame Shellcode Injectorβ30Updated 3 years ago
- My Own VirtualAlloc Implementation to use as alternative unknown for all the defense solutions of VirtualAlloc Win32 API Functionβ9Updated last year
- This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. Pβ¦β15Updated 3 years ago
- A malicous Golang Packageβ14Updated 2 months ago