☆125Mar 23, 2025Updated 11 months ago
Alternatives and similar repositories for WAREED-DNS-C2
Users that are interested in WAREED-DNS-C2 are comparing it to the libraries listed below
Sorting:
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- ☆20Jul 23, 2023Updated 2 years ago
- Generic PE loader for fast prototyping evasion techniques☆245Jul 2, 2024Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆609Feb 21, 2024Updated 2 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- Inject DLLs into the explorer process using icons☆408May 18, 2025Updated 9 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- ☆147Oct 29, 2024Updated last year
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆1,294Jun 21, 2024Updated last year
- ☆245Sep 19, 2023Updated 2 years ago
- A basic C2 framework written in C☆59Jul 7, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Process injection alternative☆407Sep 6, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆459Aug 2, 2024Updated last year
- ☆341Nov 10, 2025Updated 3 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- ☆121Nov 21, 2024Updated last year
- PoCs for Kernelmode rootkit techniques research.☆435Nov 4, 2025Updated 4 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆276Apr 17, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆682Oct 23, 2024Updated last year
- Bypassing UAC with SSPI Datagram Contexts☆462Sep 24, 2023Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆110Mar 25, 2024Updated last year
- ☆132Dec 4, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- Self Cleanup in post-ex job☆59Sep 10, 2024Updated last year
- Shoggoth: Asmjit Based Polymorphic Encryptor☆781Apr 10, 2024Updated last year
- AV bypass while you sip your Chai!☆223May 17, 2024Updated last year
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆225Jul 25, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- Sleep obfuscation☆270Dec 13, 2024Updated last year
- Golang implement winrm client with pass the hash☆32Apr 29, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- A C# Command & Control framework☆1,026Mar 28, 2024Updated last year
- ☆143Jun 21, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 10 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆67Jan 14, 2025Updated last year
- COM ViewLogger — new malware keylogging technique☆406Jan 6, 2025Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆718Jul 19, 2023Updated 2 years ago
- Bypass LSA protection using the BYODLL technique☆172Sep 21, 2024Updated last year