power-kill is a project that kills protected processes (such as EDR or AV) by injecting shellcode into high-privilege processes
☆48 Sep 27, 2021 Updated 4 years ago
Alternatives and similar repositories for power-kill
Users that are interested in power-kill are comparing it to the libraries listed below.
- Load CLR to get RWX: create an RWX region in the process's own memory by loading the CLR ☆22 Sep 28, 2022 Updated 3 years ago
- An improvement over the original Mimikatz wrapper. ☆19 Aug 11, 2021 Updated 4 years ago
- PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability" ☆60 Feb 26, 2022 Updated 4 years ago
- jsfind, Burp plugin version ☆18 May 27, 2022 Updated 3 years ago
- Kill Protected Process Light Process (include av) ☆57 Sep 15, 2023 Updated 2 years ago
- An example of how a driver can register a handle creation callback. ☆16 Jun 12, 2023 Updated 2 years ago
- CVE-2022-30525 Zyxel firewall command injection vulnerability POC&EXPC ☆12 May 28, 2022 Updated 3 years ago
- CS shellcode loader ☆61 Jan 7, 2022 Updated 4 years ago
- Command-line version of the Sunlogin (向日葵) RCE exploit tool ☆15 Mar 26, 2022 Updated 3 years ago
- Attack SQL Server through gopher protocol ☆21 Nov 22, 2021 Updated 4 years ago
- ☆91 Jun 29, 2021 Updated 4 years ago
- A new approach to local privilege escalation that replaces PrintBug, mainly using interface functions of the MS-EFSR protocol; drawing on the use of the EFSR protocol in Potitpotam, it implements a series of local privilege escalation methods … ☆150 Mar 13, 2022 Updated 4 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions ☆38 Mar 17, 2025 Updated last year
- Bypass AV to add a user ☆169 Dec 30, 2021 Updated 4 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch ☆29 May 28, 2020 Updated 5 years ago
- Miscellaneous storage ☆15 Aug 4, 2023 Updated 2 years ago
- A cobaltstrike shellcode loader that bypasses mainstream Chinese antivirus software ☆124 May 21, 2021 Updated 4 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback ☆68 Sep 15, 2022 Updated 3 years ago
- ReturnGate, just like HellsGate. ☆68 Aug 10, 2022 Updated 3 years ago
- AntSword (蚁剑) full-parameter traffic XOR and Base64 plus disguised WebShell ☆163 Sep 28, 2021 Updated 4 years ago
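- A small collection of AV-evasion tools ☆108 Aug 8, 2022 Updated 3 years ago
- (Modified for batch use) sharpwmi is an RPC-based lateral movement tool with file upload and command execution features. ☆108 Jan 8, 2021 Updated 5 years ago
- Remote desktop software modified from rustdesk, with the agent part split out ☆227 Nov 14, 2023 Updated 2 years ago
- crypto args for golang ☆17 Feb 14, 2022 Updated 4 years ago
- C++ tool to enumerate the disk list, traverse a specified drive to search for files of specific types / export WeChat keys, send files back, and other functions ☆153 Jan 9, 2023 Updated 3 years ago
- ☆42 May 14, 2024 Updated last year
- A combination of CSAgent and GoogleAuth: an agent for cracked cobalt strike plus OTP dynamic passwords ☆132 Aug 3, 2022 Updated 3 years ago
- ☆16 Nov 23, 2021 Updated 4 years ago
- A collection of sandbox IPs, network-mapping IPs, Internet-wide scanner IPs, and so on ☆128 Nov 8, 2021 Updated 4 years ago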
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆16 Jan 7, 2023 Updated 3 years ago
- Defense Evasion & Bypass AntiVirus reference ☆74 Mar 28, 2021 Updated 4 years ago
- Ligolo: a reverse tunnel for internal network penetration testing ☆225 Mar 10, 2022 Updated 4 years ago
- An easy way to getsystem by golang. ☆55 Aug 30, 2021 Updated 4 years ago
- Create hidden scheduled tasks, persistence, Bypass AV ☆559 Sep 1, 2021 Updated 4 years ago
- Extract DC logs to quickly obtain the IP addresses corresponding to domain users ☆310 Mar 21, 2022 Updated 4 years ago
- Oracle Access Manager Unauthenticated Attacker Vulnerability CVE-2021-35587 ☆42 Mar 14, 2022 Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process ☆14 Jan 18, 2022 Updated 4 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆55 Apr 4, 2023 Updated 2 years ago
- command execute without 445 port ☆57 Feb 25, 2022 Updated 4 years ago