EvilBytecode / PPID-Spoofing

Related projects ⓘ

Alternatives and complementary repositories for PPID-Spoofing

• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆14Updated 4 months ago
• Faran-17 / EarlyBird-APC-Injection
  Demonstration of Early Bird APC Injection - MITRE ID T1055.004
  ☆30Updated last year
• HulkOperator / AuthStager
  ☆37Updated 3 weeks ago
• zimnyaa / smbsocks
  A simple rpc2socks alternative in pure Go.
  ☆24Updated 4 months ago
• EvilBytecode / Nyx-Full-Dll-Unhook
  (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.
  ☆16Updated 3 months ago
• Offensive-Panda / D3MPSEC
  "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…
  ☆22Updated 2 months ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆15Updated last year
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆22Updated 6 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆16Updated last year
• decoder-it / DFSCoerce-exe-2
  DFSCoerce exe revisited version with custom authentication
  ☆36Updated 10 months ago
• horizon3ai / CVE-2024-9465
  Proof of Concept Exploit for CVE-2024-9465
  ☆25Updated last month
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆22Updated 2 years ago
• syncwithali / HavocExploit
  A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.
  ☆31Updated last year
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆40Updated last week
• EspressoCake / DefenderPathExclusions
  Creation and removal of Defender path exclusions and exceptions in C#.
  ☆30Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• ommadawn46 / HEVD-Exploit-Win10-22H2-KVAS
  HEVD Exploit: ArbitraryWrite on Windows 10 22H2 - Bypassing KVA Shadow and SMEP via PML4 Entry Manipulation
  ☆15Updated 4 months ago
• ZephrFish / ADFSDump-PS
  PowerShell Implementation of ADFSDump to assist with GoldenSAML
  ☆31Updated 6 months ago
• EvilBytecode / GoEvilDocs
  Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.
  ☆10Updated 4 months ago
• gemini-security / GithubC2
  ☆25Updated last year
• atabetnouhaila / API-hashing
  ☆18Updated last month
• 0xTriboulet / T-70
  A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system
  ☆31Updated 3 weeks ago
• Offensive-Panda / .NET_PROFILER_DLL_LOADING
  .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…
  ☆42Updated 3 months ago
• a7t0fwa7 / SymProcSleuth
  A pure C version of SymProcAddress
  ☆23Updated 8 months ago
• Und3rf10w / CobaltStrikeBOFs
  Beacon Object Files used for Cobalt Strike
  ☆17Updated last year
• redskal / SharpAzbelt
  .NET port of Leron Gray's azbelt tool.
  ☆26Updated last year
• iamagarre / BadExclusions
  BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR
  ☆18Updated 9 months ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆27Updated last year
• SecTheBit / MalDevelopment
  All my POC related to malware development
  ☆11Updated 6 months ago
• duckbillsecurity / pdf-smuggler
  Create PDFs with HTML smuggling attachments that save on opening the document.
  ☆27Updated last year