FuzzySecurity / BHUSA-2023Links
☆105Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
Sorting:
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆319Updated 2 years ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated 2 years ago
- Tools for analyzing EDR agents☆276Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆107Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆324Updated 3 months ago
- ☆64Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆119Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Updated 2 years ago
- Local & remote Windows DLL Proxying☆169Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Updated last year
- ☆120Updated 2 years ago
- ☆107Updated 2 years ago
- ☆133Updated 2 years ago
- ☆150Updated last year
- Windows APT Warfare, published by Packt☆76Updated 2 years ago
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆182Updated 2 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Updated last year
- Aplos an extremely simple fuzzer for Windows binaries.☆68Updated 11 months ago
- Find DLLs with RWX section☆80Updated 2 years ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆122Updated last year
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆170Updated 2 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆194Updated last year
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆164Updated last month
- ☆108Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆123Updated last year
- ☆207Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆124Updated 3 weeks ago
- I have created these custom servers for preparing EXP-301 course (aka WUMED) exam and hope it will help to take OSED certification. Feel …☆52Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆208Updated 2 months ago
- ☆113Updated 3 years ago