EvilBytecode / Powershell-PersistanceLinks
Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do not take any responsibility for its use or any actions taken.
☆12Updated 9 months ago
Alternatives and similar repositories for Powershell-Persistance
Users that are interested in Powershell-Persistance are comparing it to the libraries listed below
Sorting:
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆15Updated 9 months ago
- Parent Process ID Spoofing, coded in CGo.☆24Updated 9 months ago
- ☆21Updated 2 weeks ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Updated 9 months ago
- Just another Process Injection using Process Hollowing technique.☆19Updated 2 years ago
- Obfuscate payloads using IPv4, IPv6, MAC or UUID strings☆22Updated last year
- Toolkit of Projects to attack and evade Event Trace for Windows☆25Updated 4 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35Updated last year
- Extension functionality for the NightHawk operator client☆26Updated 2 years ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Updated 9 months ago
- ECC Public Key Cryptography☆37Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆25Updated 3 years ago
- A simple rpc2socks alternative in pure Go.☆31Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12Updated 2 years ago
- Deobfuscation of XorStringsNet☆14Updated last year
- Identify binaries with Authenticode digital signatures signed to an internal CA/domain☆40Updated last year
- ☆38Updated 9 months ago
- Windows Access token manipulation tool made in C#☆24Updated 4 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Updated 2 years ago
- Repository to gather the BOF files I will be developing☆11Updated last year
- A malicous Golang Package☆15Updated 9 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Updated last year
- ☆30Updated 4 months ago
- ☆59Updated last year
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Updated last year
- Extension functionality for the NightHawk operator client☆26Updated 2 years ago
- Golang Implementation of Hell's gate☆21Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Updated 10 months ago
- single-threaded event driven sleep obfuscation poc for linux☆37Updated 7 months ago