FuzzySecurity / Capcom-RootkitLinks
Capcom Rootkit POC
☆195Updated 8 years ago
Alternatives and similar repositories for Capcom-Rootkit
Users that are interested in Capcom-Rootkit are comparing it to the libraries listed below
Sorting:
- This is a standalone exploit for a vulnerable feature in Capcom.sys☆304Updated 2 years ago
- Windows - Weaponizing privileged file writes with the Update Session Orchestrator service☆389Updated 5 years ago
- Universal Unhooking☆321Updated 6 years ago
- ☆488Updated 7 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆331Updated 5 years ago
- A meterpreter extension for applying hooks to avoid windows defender memory scans☆246Updated 4 years ago
- AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence" since 2019.☆387Updated 6 years ago
- Proof of concept for abusing SeLoadDriverPrivilege (Privilege Escalation in Windows)☆142Updated 6 years ago
- Bring your own print driver privilege escalation tool☆250Updated 3 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆235Updated 5 years ago
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆204Updated 7 years ago
- Extract Windows Defender database from vdm files and unpack it☆440Updated 5 years ago
- A more stealthy variant of "DLL hollowing"☆347Updated last year
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆345Updated 4 years ago
- An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.☆520Updated 5 years ago
- Search for code cave in all binaries☆282Updated 10 months ago
- The project is designed as a file resource cloner. Metadata, including digital signature, is extracted from one file and injected into a…☆346Updated 6 months ago
- An improvement of the original reflective DLL injection technique by Stephen Fewer of Harmony Security☆324Updated 7 years ago
- Fork of mona.py with x64dbg support☆103Updated 3 years ago
- Collection of CSharp Assemblies focused on Post-Exploitation Capabilities☆229Updated 6 years ago
- Cminer is a tool for enumerating the code caves in PE files.☆151Updated 2 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆217Updated 5 years ago
- Demos of various (also non standard) persistence methods used by malware☆221Updated 2 years ago
- Just another Windows Process Injection☆399Updated 4 years ago
- ChimeraPE (a PE injector type - alternative to: RunPE, ReflectiveLoader, etc) - a template for manual loading of EXE, loading imports pay…☆224Updated 2 years ago
- a tool to make it easy and fast to test various forms of injection☆173Updated 6 years ago
- A small, null-free Windows shellcode that executes calc.exe (x86/x64, all OS/SPs)☆413Updated last year
- A repository of some of my Windows 10 Device Guard Bypasses☆137Updated 7 years ago
- Code from this article: https://blog.rapid7.com/2018/05/03/hiding-metasploit-shellcode-to-evade-windows-defender/☆175Updated 4 years ago
- Example DLL to load from Windows NetShell☆180Updated 8 years ago