FuzzySecurity / BHUSA-2023Links
☆105Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
Sorting:
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Updated 2 years ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆105Updated last year
- Local & remote Windows DLL Proxying☆165Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- ☆121Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆291Updated last month
- Tools for analyzing EDR agents☆266Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated 2 years ago
- Aplos an extremely simple fuzzer for Windows binaries.☆68Updated 7 months ago
- ☆64Updated last year
- ☆147Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆272Updated last year
- ☆134Updated 2 years ago
- ☆158Updated 3 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆159Updated last week
- Windows APT Warfare, published by Packt☆76Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆98Updated 4 months ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆180Updated last year
- ☆113Updated 3 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated last year
- ☆108Updated 2 years ago
- Windows rootkit designed to work with BYOVD exploits☆207Updated 8 months ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆170Updated 2 years ago
- Finding secrets in kernel and user memory☆116Updated 2 years ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆119Updated last year
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆85Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- ☆108Updated 11 months ago
- ☆158Updated 9 months ago