FuzzySecurity / BHUSA-2023
☆105 Updated 8 months ago
Alternatives and similar repositories for BHUSA-2023:
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
- Local & remote Windows DLL Proxying ☆162 Updated 9 months ago
- This project is an implant framework designed for long term persistent access to Windows machines. ☆110 Updated last year
- ☆107 Updated last year
- ☆149 Updated 3 months ago
- ☆114 Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows. ☆106 Updated 6 months ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue ☆96 Updated 11 months ago
- Aplos an extremely simple fuzzer for Windows binaries. ☆68 Updated last month
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers. ☆98 Updated last year
- Tools for analyzing EDR agents ☆221 Updated 9 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc… ☆115 Updated 2 weeks ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs. ☆308 Updated last year
- Detect EDR's exceptions by inspecting processes' loaded modules ☆130 Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs. ☆86 Updated last year
- Payload encoding utility to effectively lower payload entropy. ☆113 Updated 4 months ago
- Windows APT Warfare, published by Packt ☆66 Updated 2 years ago
- Stage 0 ☆154 Updated 3 months ago
- Find DLLs with RWX section ☆78 Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆147 Updated last year
- ☆133 Updated last year
- Windows rootkit designed to work with BYOVD exploits ☆169 Updated 2 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook. ☆89 Updated last month
- Exploitation of process killer drivers ☆198 Updated last year
- Python based WinDbg script to automate the search for code caves in binaries and libraries. ☆45 Updated 2 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17). ☆138 Updated 2 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution ☆183 Updated 3 months ago
- ☆182 Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor ☆92 Updated 11 months ago