FuzzySecurity / BHUSA-2023View external linksLinks
☆105Jul 11, 2024Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
Sorting:
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- ☆118Nov 21, 2024Updated last year
- ☆36Oct 26, 2023Updated 2 years ago
- ☆138Apr 20, 2023Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆747May 23, 2025Updated 8 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Using fibers to run in-memory code.☆240Oct 19, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆319Aug 31, 2023Updated 2 years ago
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆209Nov 12, 2025Updated 3 months ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Mar 10, 2024Updated last year
- ☆11Jul 11, 2023Updated 2 years ago
- A collection of my scripts for research☆12Jul 28, 2025Updated 6 months ago
- Proofs-Of-360Security Sandbox Escape☆10Mar 18, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆675Dec 23, 2022Updated 3 years ago
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 10 months ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆94Jul 3, 2025Updated 7 months ago
- Call stack spoofing for Rust☆356Feb 7, 2025Updated last year
- DEFCON 31 slide deck and video link☆66Jun 2, 2025Updated 8 months ago
- A small and portable Windows C library for sandbox detection☆35Oct 2, 2023Updated 2 years ago
- rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system☆37Nov 21, 2025Updated 2 months ago
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- ☆13Dec 27, 2014Updated 11 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- Ghidra script which fully parses COFF files☆12Oct 18, 2024Updated last year
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- Windows Session Hijacking via COM☆335Dec 13, 2025Updated 2 months ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Nov 19, 2022Updated 3 years ago
- An offensive data enrichment pipeline☆914Updated this week
- ☆333Sep 21, 2025Updated 4 months ago
- Kernel mode WinDbg extension and PoCs for token privilege investigation.☆900Jan 21, 2025Updated last year
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆21Apr 2, 2025Updated 10 months ago
- ☆301Oct 29, 2024Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆407Sep 12, 2023Updated 2 years ago