GetRektBoy724 / TripleS
Extracting Syscall Stub, Modernized
☆63Updated 3 years ago
Alternatives and similar repositories for TripleS:
Users that are interested in TripleS are comparing it to the libraries listed below
- My implementation of Halo's Gate technique in C#☆54Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆52Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆93Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆84Updated 2 years ago
- ☆38Updated 2 years ago
- Simple .NET loader for loading and executing Powershell payloads☆16Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆104Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆79Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆53Updated 2 years ago
- ☆62Updated 2 years ago
- Exploring in-memory execution of .NET☆137Updated 2 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆51Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆86Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 2 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆24Updated 2 years ago
- A C# port of the MinHook API hooking library☆52Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆94Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- C# Tool to interact with MS Exchange based on MS docs☆99Updated 2 years ago
- A care package of useful bofs for red team engagments☆55Updated 4 months ago
- .NET implementation of Cobalt Strike's External C2 Spec☆86Updated 3 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆72Updated 5 months ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆88Updated 2 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆74Updated 2 years ago