Faisal-P27 / WAREED-DNS-C2View external linksLinks
☆124Mar 23, 2025Updated 10 months ago
Alternatives and similar repositories for WAREED-DNS-C2
Users that are interested in WAREED-DNS-C2 are comparing it to the libraries listed below
Sorting:
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆249Jun 11, 2024Updated last year
- ☆20Jul 23, 2023Updated 2 years ago
- Generic PE loader for fast prototyping evasion techniques☆244Jul 2, 2024Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆603Feb 21, 2024Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆612Jan 2, 2025Updated last year
- Inject DLLs into the explorer process using icons☆403May 18, 2025Updated 8 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- ☆147Oct 29, 2024Updated last year
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,289Jun 21, 2024Updated last year
- ☆244Sep 19, 2023Updated 2 years ago
- A basic C2 framework written in C☆59Jul 7, 2024Updated last year
- Process injection alternative☆404Sep 6, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- ☆341Nov 10, 2025Updated 3 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆194Nov 27, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆457Aug 2, 2024Updated last year
- ☆118Nov 21, 2024Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆273Apr 17, 2023Updated 2 years ago
- PoCs for Kernelmode rootkit techniques research.☆429Nov 4, 2025Updated 3 months ago
- A BOF that runs unmanaged PEs inline☆678Oct 23, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆460Sep 24, 2023Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆107Mar 25, 2024Updated last year
- ☆131Dec 4, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆282Apr 6, 2025Updated 10 months ago
- Self Cleanup in post-ex job☆59Sep 10, 2024Updated last year
- Shoggoth: Asmjit Based Polymorphic Encryptor☆778Apr 10, 2024Updated last year
- AV bypass while you sip your Chai!☆226May 17, 2024Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆225Jul 25, 2023Updated 2 years ago
- Sleep obfuscation☆267Dec 13, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆1,004Jun 4, 2024Updated last year
- Golang implement winrm client with pass the hash☆32Apr 29, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- ☆137Jun 21, 2023Updated 2 years ago
- A C# Command & Control framework☆1,026Mar 28, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆698May 7, 2025Updated 9 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- COM ViewLogger — new malware keylogging technique☆403Jan 6, 2025Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆718Jul 19, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆366Apr 19, 2023Updated 2 years ago