☆105Jul 11, 2024Updated last year
Alternatives and similar repositories for BHUSA-2023
Users that are interested in BHUSA-2023 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 3 years ago
- ☆123Nov 21, 2024Updated last year
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆759May 23, 2025Updated last year
- ☆138Apr 20, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 3 years ago
- Dump Windows SAM hashes☆42Aug 9, 2023Updated 2 years ago
- ☆36Oct 26, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆318Aug 31, 2023Updated 2 years ago
- ☆70Oct 30, 2023Updated 2 years ago
- Encodes a payload within a generated mock-CSS file☆59Sep 18, 2023Updated 2 years ago
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆13Sep 8, 2023Updated 2 years ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Mar 10, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 3 years ago
- A small and portable Windows C library for sandbox detection☆36Oct 2, 2023Updated 2 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆115Nov 19, 2022Updated 3 years ago
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆672Dec 23, 2022Updated 3 years ago
- .net config loader☆350Nov 9, 2023Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆246Sep 26, 2023Updated 2 years ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆415Sep 12, 2023Updated 2 years ago
- ☆13Dec 27, 2014Updated 11 years ago
- rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system☆39Nov 21, 2025Updated 6 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- A collection of my scripts for research☆12Jul 28, 2025Updated 10 months ago
- Using fibers to run in-memory code.☆244Oct 19, 2023Updated 2 years ago
- Security research helper for CLFS drivers☆16Sep 5, 2024Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆119May 2, 2024Updated 2 years ago
- dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.☆26Mar 22, 2026Updated 2 months ago
- DEFCON 31 slide deck and video link☆68Jun 2, 2025Updated 11 months ago
- Reaping treasures from strings in remote processes memory☆288Feb 8, 2025Updated last year
- MacroExploit use in excel sheet☆20Jun 12, 2023Updated 2 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Kernel mode WinDbg extension and PoCs for token privilege investigation.☆913May 22, 2026Updated last week
- Azure DevOps Services Attack Toolkit☆315Mar 15, 2025Updated last year
- ☆305Oct 29, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 3 years ago
- ☆150Mar 22, 2024Updated 2 years ago
- ☆337Sep 21, 2025Updated 8 months ago