Idov31 / NidhoggCSharpApiLinks
C# API for Nidhogg rootkit
☆19Updated last year
Alternatives and similar repositories for NidhoggCSharpApi
Users that are interested in NidhoggCSharpApi are comparing it to the libraries listed below
Sorting:
- ☆37Updated 2 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆37Updated 6 months ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆28Updated 4 months ago
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆57Updated 4 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Updated 3 years ago
- Modify managed functions from unmanaged code☆52Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 4 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated 2 years ago
- ☆58Updated 2 years ago
- ☆31Updated 9 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆44Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆84Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 9 months ago
- Sleep Obfuscation☆45Updated 3 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Updated 7 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- ☆56Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆60Updated 3 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆60Updated 2 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆33Updated 2 years ago
- Hooked create process injection for meterpreter☆23Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Updated 3 years ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆49Updated last year