GetRektBoy724 / TripleS
Extracting Syscall Stub, Modernized
☆62Updated 2 years ago
Alternatives and similar repositories for TripleS:
Users that are interested in TripleS are comparing it to the libraries listed below
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆50Updated 2 years ago
- Unhook DLL via cleaning the DLL 's .text section☆8Updated 3 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆54Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆81Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆101Updated last year
- RDPThief donut shellcode inject into mstsc☆83Updated 3 years ago
- C# Port of LdapRelayScan☆79Updated 2 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆50Updated 2 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆85Updated 2 years ago
- ☆37Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆53Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆91Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆87Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆69Updated 3 months ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆106Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆63Updated last year
- A care package of useful bofs for red team engagments☆54Updated 2 months ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 3 years ago
- ☆93Updated 2 years ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆72Updated 4 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆83Updated last year
- ☆61Updated 2 years ago
- Inject shellcode into process via "EarlyBird"☆25Updated 3 years ago
- A BOF to interact with COM objects associated with the Windows software firewall.☆102Updated 3 years ago
- C# Tool to interact with MS Exchange based on MS docs☆99Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year