A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.
☆28Dec 16, 2021Updated 4 years ago
Alternatives and similar repositories for NativeFunctionStaticMap
Users that are interested in NativeFunctionStaticMap are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Files for http://deniable.org/windows/windows-callbacks☆26Jul 9, 2020Updated 5 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆38Jul 27, 2021Updated 4 years ago
- ☆94May 14, 2022Updated 4 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆223Nov 5, 2021Updated 4 years ago
- CNA that interacts with a JAR file to dynamically rename GUI tabs within Cobalt Strike from a JSON file.☆25May 23, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- ☆128Jun 28, 2023Updated 2 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 4 years ago
- ☆18Aug 19, 2021Updated 4 years ago
- Nim version of MDSec's Parallel Syscall PoC☆125Apr 4, 2026Updated last month
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆23Sep 15, 2023Updated 2 years ago
- works but not work, cao!☆24Sep 4, 2021Updated 4 years ago
- ☆82Feb 12, 2022Updated 4 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆379May 24, 2022Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆174Jan 27, 2020Updated 6 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- leaking net-ntlm with webdav☆25Feb 23, 2021Updated 5 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆66Feb 8, 2022Updated 4 years ago
- You shall pass☆270Jul 16, 2022Updated 3 years ago
- easy dll proxying in go☆14Apr 24, 2022Updated 4 years ago
- It stinks☆103Apr 22, 2022Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- 从入门到放弃的产物,学习过程中用python实现的一个单点c2基本功能☆11Mar 11, 2020Updated 6 years ago
- PoC for UUID shellcode execution using DInvoke☆156Mar 8, 2021Updated 5 years ago
- A C# port of the MinHook API hooking library☆234Oct 21, 2025Updated 6 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Apply a filter to the events being reported by windows event logging☆15Sep 10, 2020Updated 5 years ago
- ☆45Oct 16, 2023Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆117Feb 27, 2021Updated 5 years ago
- ☆29May 10, 2024Updated 2 years ago
- LdrLoadDll Unhooking☆133Jan 16, 2022Updated 4 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve.☆20Apr 11, 2014Updated 12 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆157Jan 21, 2023Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Collection of Beacon Object Files☆640Nov 1, 2022Updated 3 years ago
- Research project for understanding how Mimikatz work and become better at C☆124Oct 22, 2021Updated 4 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- Terminate the eventlog thread to disable the windows eventlog☆21Apr 1, 2020Updated 6 years ago
- Disable PPL via custom driver and dump lsass☆15Mar 13, 2021Updated 5 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago