power-kill is a project that kills protected processes (such as EDR or AV) by injecting shellcode into high-privilege processes
☆48 Sep 27, 2021 Updated 4 years ago
Alternatives and similar repositories for power-kill
Users that are interested in power-kill are comparing it to the libraries listed below
- Load CLR to get RWX: loading the CLR produces an RWX region in the process's own memory ☆22 Sep 28, 2022 Updated 3 years ago
- PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" ☆60 Feb 26, 2022 Updated 4 years ago
- An improvement over the original Mimikatz wrapper. ☆19 Aug 11, 2021 Updated 4 years ago
- Kill Protected Process Light Process (include av) ☆58 Sep 15, 2023 Updated 2 years ago
- An example of how a driver can register a handle creation callback. ☆16 Jun 12, 2023 Updated 2 years ago
- jsfind, Burp plugin version ☆18 May 27, 2022 Updated 3 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions ☆38 Mar 17, 2025 Updated 11 months ago
- CVE-2022-30525 Zyxel firewall command injection vulnerability POC&EXPC ☆12 May 28, 2022 Updated 3 years ago
- Bypass AV: add user ☆169 Dec 30, 2021 Updated 4 years ago
- ☆51 Aug 28, 2021 Updated 4 years ago
- Attack SQL Server through gopher protocol ☆21 Nov 22, 2021 Updated 4 years ago
- Miscellaneous storage ☆15 Aug 4, 2023 Updated 2 years ago
- AntSword (蚁剑) WebShell with XOR and Base64 encoding of all-parameter traffic, plus disguise ☆163 Sep 28, 2021 Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process ☆14 Jan 18, 2022 Updated 4 years ago
- crypto args for golang ☆17 Feb 14, 2022 Updated 4 years ago
- Command-line version of the Sunlogin RCE exploit tool / cmd version of sunlogin exploit tool ☆15 Mar 26, 2022 Updated 3 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch ☆29 May 28, 2020 Updated 5 years ago
- CS shellcode loader ☆61 Jan 7, 2022 Updated 4 years ago
- ☆91 Jun 29, 2021 Updated 4 years ago
- A new approach to local privilege escalation that replaces PrintBug, mainly using interface functions in the MS-EFSR protocol. Drawing on the use of the EFSR protocol in Potitpotam, it implements a series of local privilege escalation methods. Drawing on the use of the EFSR protocol in Potitpotam, … ☆149 Mar 13, 2022 Updated 3 years ago
- ☆16 Nov 23, 2021 Updated 4 years ago
- ReturnGate, just like HellsGate. ☆68 Aug 10, 2022 Updated 3 years ago
- C++: enumerate the disk list, traverse a specified drive to search for files of specific types / export WeChat keys, send files back, and other functions ☆153 Jan 9, 2023 Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆55 Apr 4, 2023 Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback ☆68 Sep 15, 2022 Updated 3 years ago
- Remote desktop software modified from rustdesk, with the agent part separated out ☆226 Nov 14, 2023 Updated 2 years ago
- ☆42 May 14, 2024 Updated last year
- Create hidden scheduled tasks, persistence, Bypass AV ☆558 Sep 1, 2021 Updated 4 years ago
- A small collection of AV-evasion tools ☆108 Aug 8, 2022 Updated 3 years ago
- A cobaltstrike shellcode loader that gets past mainstream Chinese antivirus products ☆124 May 21, 2021 Updated 4 years ago
- Cross-thread injection of an in-memory webshell in springboot ☆123 Apr 10, 2022 Updated 3 years ago
- command execute without 445 port ☆57 Feb 25, 2022 Updated 4 years ago
- Inject shellcode into dwm.exe for screen capture ☆356 Mar 22, 2022 Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies ☆32 Aug 12, 2022 Updated 3 years ago
- Defense Evasion & Bypass AntiVirus reference ☆74 Mar 28, 2021 Updated 4 years ago
- Code By: Tas9er / Batch remote command execution for the eYou (亿邮) email system ☆36 Apr 11, 2021 Updated 4 years ago
- A hybrid of CSAgent and GoogleAuth: an agent combining a cobalt strike crack with OTP dynamic passwords ☆132 Aug 3, 2022 Updated 3 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose. ☆18 Jan 21, 2022 Updated 4 years ago
- Cobalt Strike BOF that adds an admin user ☆79 Oct 11, 2022 Updated 3 years ago