EvilBytecode / Powershell-Persistance
Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do not take any responsibility for its use or any actions taken.
☆9Updated 3 weeks ago
Alternatives and similar repositories for Powershell-Persistance
Users that are interested in Powershell-Persistance are comparing it to the libraries listed below
Sorting:
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆11Updated 3 weeks ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆15Updated 3 weeks ago
- Parent Process ID Spoofing, coded in CGo.☆21Updated 3 weeks ago
- ☆17Updated last week
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated 3 weeks ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆20Updated 3 weeks ago
- A malicous Golang Package☆14Updated 3 weeks ago
- Ransomware written in go, encrypt - decrypt.☆20Updated 2 weeks ago
- Payload Dropper with Persistance & Privesc & UAC bypass 🐱👤☆13Updated last year
- A Documentation for my module PS2BAT, it converts Powershell Scripts to Batchfile ones.☆11Updated 3 weeks ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆9Updated 3 weeks ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- Cobalt Strike notifications via NTFY.☆13Updated 7 months ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆16Updated 6 months ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Updated last year
- Beacon Object Files used for Cobalt Strike☆18Updated last year
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆10Updated 3 weeks ago
- This repository contains a tool that can encrypt all type of files and give the encrypted output in the form of an encrypted shellcode. P…☆15Updated 3 years ago
- A simple rpc2socks alternative in pure Go.☆28Updated 10 months ago
- Deobfuscation of XorStringsNet☆14Updated 6 months ago
- ☆15Updated 10 months ago
- Golang Implementation of Hell's gate☆17Updated last year
- ☆30Updated last month
- ☆19Updated 5 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Updated last year
- C# project to Reflectively load .Net assemblies in memory☆17Updated 10 months ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆20Updated last year
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆15Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most��…☆11Updated 2 years ago