EvilBytecode / Powershell-PersistanceLinks
Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do not take any responsibility for its use or any actions taken.
☆11Updated 4 months ago
Alternatives and similar repositories for Powershell-Persistance
Users that are interested in Powershell-Persistance are comparing it to the libraries listed below
Sorting:
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆12Updated 4 months ago
- Parent Process ID Spoofing, coded in CGo.☆23Updated 4 months ago
- ☆19Updated 3 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆23Updated 4 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- ☆16Updated last year
- Python3 tool to perform password spraying using RDP☆17Updated 2 years ago
- Ransomware written in go, encrypt - decrypt.☆26Updated 4 months ago
- Just another Process Injection using Process Hollowing technique.☆18Updated last year
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆20Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated 4 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Golang Implementation of Hell's gate☆18Updated 2 years ago
- ☆57Updated 10 months ago
- single-threaded event driven sleep obfuscation poc for linux☆35Updated 2 months ago
- Toolkit of Projects to attack and evade Event Trace for Windows☆15Updated 3 months ago
- ☆35Updated 4 months ago
- Repository to gather the BOF files I will be developing☆10Updated 10 months ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆38Updated last month
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Updated 2 years ago
- A simple rpc2socks alternative in pure Go.☆29Updated last year
- Rehashing APIs to prevent hash based detection☆12Updated 7 months ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆39Updated 8 months ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Updated 5 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆43Updated last year
- Cobalt Strike notifications via NTFY.☆14Updated 11 months ago
- Beacon Object Files used for Cobalt Strike☆19Updated 2 years ago
- ☆34Updated 4 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆55Updated this week