EspressoCake / NativeFunctionStaticMap
A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.
☆26Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for NativeFunctionStaticMap
- ☆29Updated 2 years ago
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆37Updated 4 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 3 years ago
- ☆37Updated 9 months ago
- ☆58Updated 2 years ago
- Load a dynamic library from memory using a fuse mount☆28Updated last year
- Repository for dirty scripts and PoCs☆16Updated last year
- ☆38Updated last year
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆14Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆33Updated 3 years ago
- LSASS enumeration like pypykatz written in C-Lang☆20Updated 2 years ago
- ☆14Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- ☆79Updated 2 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆30Updated 8 months ago
- A VSCode plugin to assist with BOF development.☆30Updated 2 months ago
- ☆49Updated 4 years ago
- A simple BOF implementation of klist using Windows API☆30Updated 2 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- ☆26Updated 2 years ago
- Files for http://deniable.org/windows/windows-callbacks☆24Updated 4 years ago
- Ntdll Unhooking POC☆19Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Updated 3 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆43Updated 2 years ago