HavocFramework / TalonLinks
(Demo) 3rd party agent for Havoc
☆140Updated last year
Alternatives and similar repositories for Talon
Users that are interested in Talon are comparing it to the libraries listed below
Sorting:
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆115Updated 3 years ago
- Patching AmsiOpenSession by forcing an error branching☆146Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Updated 3 years ago
- ☆167Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆82Updated last year
- C# havoc implant☆101Updated 2 years ago
- Your syscall factory☆124Updated last month
- ☆248Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆113Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆98Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆118Updated last year
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆136Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145Updated last year
- Find .net assemblies locally☆119Updated 2 years ago
- ☆187Updated last year
- ☆124Updated last year
- Do some DLL SideLoading magic☆84Updated last year
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆156Updated last year
- C# porting of SysWhispers2. It uses SharpASM to find the code caves for executing the system call stub.☆108Updated 2 years ago
- My implementation of the GIUDA project in C++☆185Updated 2 years ago
- Hookers are cooler than patches.☆170Updated 3 years ago
- Run Your Payload Without Running Your Payload☆180Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids☆172Updated last year
- ☆206Updated 3 months ago
- Infect Shared Files In Memory for Lateral Movement☆194Updated 2 years ago
- Nim Payload Generation☆61Updated last year
- WIP shellcode loader in nim with EDR evasion techniques☆219Updated 3 years ago
- Modules used by the Havoc Framework☆240Updated last year
- A BOF to automate common persistence tasks for red teamers☆284Updated 2 years ago