☆64Dec 19, 2024Updated last year
Alternatives and similar repositories for CallStackSpoofer
Users that are interested in CallStackSpoofer are comparing it to the libraries listed below
Sorting:
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆185Jan 17, 2026Updated last month
- various methods of making API calls☆19Feb 1, 2025Updated last year
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆48Nov 2, 2025Updated 3 months ago
- ☆108Aug 21, 2024Updated last year
- Sniffing files generator☆61Feb 24, 2025Updated last year
- ☆12Feb 4, 2025Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆123Jan 17, 2026Updated last month
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- A simple reverse ssh/proxy implant PoC for *nix systems.☆57Jul 5, 2024Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆128Jan 28, 2026Updated 3 weeks ago
- ☆139Jan 16, 2025Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated last year
- Title is self explaining, well theres few methods we can do to read locked file and play with it...☆96Jan 5, 2026Updated last month
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆297Jul 31, 2024Updated last year
- HTML Smuggling with Web Assembly☆66Feb 20, 2024Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- Proof of Concept (PoC) implant for creating custom Cobalt Strike Beacons☆152Feb 11, 2026Updated 2 weeks ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated 11 months ago
- Adversary Emulation Framework☆129Jul 1, 2025Updated 7 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 2 months ago
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated 3 weeks ago
- early cascade injection PoC based on Outflanks blog post☆237Nov 7, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆136Apr 18, 2025Updated 10 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆100Jul 9, 2025Updated 7 months ago
- ☆101Oct 7, 2023Updated 2 years ago