FuzzySecurity / BHUSA-2023Links
☆105Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
Sorting:
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆316Updated last year
- Tools for analyzing EDR agents☆241Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆114Updated 11 months ago
- Local & remote Windows DLL Proxying☆165Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- ☆120Updated last year
- Aplos an extremely simple fuzzer for Windows binaries.☆69Updated 6 months ago
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆283Updated last week
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- ☆133Updated 2 years ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆152Updated 2 weeks ago
- ☆108Updated 2 years ago
- ☆64Updated last year
- ☆147Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆270Updated 11 months ago
- Windows APT Warfare, published by Packt☆72Updated 2 years ago
- A set of programs for analyzing common vulnerabilities in COM☆223Updated 11 months ago
- Native Syscalls Shellcode Injector☆266Updated 2 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆149Updated 2 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- ☆192Updated last year
- BSides Prishtina 2024 Malware Development and Persistence workshop☆92Updated 2 months ago
- Windows rootkit designed to work with BYOVD exploits☆205Updated 7 months ago
- ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…☆169Updated 2 years ago
- CVE-2024-30090 - LPE PoC☆107Updated 10 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆204Updated 4 months ago
- A bunch of scripts and code i wrote.☆143Updated 9 months ago
- EDRSandblast-GodFault☆266Updated last year