Demonstration of Early Bird APC Injection - MITRE ID T1055.004
☆35Oct 31, 2023Updated 2 years ago
Alternatives and similar repositories for EarlyBird-APC-Injection
Users that are interested in EarlyBird-APC-Injection are comparing it to the libraries listed below
Sorting:
- A mechanism that trampoline hooks functions in x86/x64 systems.☆21Oct 9, 2024Updated last year
- ECC Public Key Cryptography☆37Oct 29, 2023Updated 2 years ago
- Volatility 3 plugins to extract a module as complete as possible☆12Jun 13, 2023Updated 2 years ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆73Oct 28, 2023Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- A utility that can be used to launch an executable with a DLL injected��☆19Nov 20, 2023Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆54Oct 19, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆46Oct 27, 2023Updated 2 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- Small project looking into how we can build malware with zero-imports by dynamically resolving windows APIs using GetProcAddress and GetM…☆40Oct 26, 2023Updated 2 years ago
- ☆60Dec 15, 2023Updated 2 years ago
- ☆223Mar 10, 2024Updated last year
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service☆77Nov 12, 2023Updated 2 years ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable☆59Dec 15, 2023Updated 2 years ago
- PhantomsGate: Advanced Shellcode Injection Technique☆26Jul 15, 2024Updated last year
- Native Syscalls Shellcode Injector☆266Jul 2, 2023Updated 2 years ago
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆128Jul 5, 2024Updated last year
- Use ESC1 to perform a makeshift DCSync and dump hashes☆210Nov 2, 2023Updated 2 years ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel☆43Oct 2, 2023Updated 2 years ago
- ☆189Jan 23, 2024Updated 2 years ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- in-process powershell runner for BRC4☆48Oct 31, 2023Updated 2 years ago
- Reflective DLL Injection Made Bella☆249Jan 6, 2025Updated last year
- The Web UI for Antnium☆27Jun 14, 2022Updated 3 years ago
- BoltWire v6.03 vulnerable to "Improper Access Control"☆13Oct 31, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver☆112Oct 26, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- ☆106Sep 12, 2024Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- ShootCutMe an .LNK file creator tool for redteamer☆16Oct 2, 2024Updated last year