FuzzySecurity / BHUSA-2023Links
☆105Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below
Sorting:
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆103Updated last year
- Tools for analyzing EDR agents☆238Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆313Updated last year
- ☆64Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- Local & remote Windows DLL Proxying☆165Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆272Updated 2 weeks ago
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆99Updated last year
- ☆118Updated last year
- Windows APT Warfare, published by Packt☆71Updated 2 years ago
- Aplos an extremely simple fuzzer for Windows binaries.☆69Updated 5 months ago
- ☆133Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆113Updated 10 months ago
- I have created these custom servers for preparing EXP-301 course (aka WUMED) exam and hope it will help to take OSED certification. Feel …☆48Updated last year
- ☆108Updated 2 years ago
- Find DLLs with RWX section☆81Updated 2 years ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆88Updated 2 months ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆129Updated last month
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆142Updated last month
- ☆147Updated last year
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆176Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆269Updated 10 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- ☆107Updated 9 months ago
- CVE-2024-30090 - LPE PoC☆107Updated 9 months ago
- ☆113Updated 3 years ago
- A Mythic Agent written in PIC C.☆196Updated 6 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆189Updated 8 months ago
- Activation Context Hijack☆155Updated 8 months ago