Idov31 / NidhoggCSharpApiLinks
C# API for Nidhogg rootkit
☆19Updated last year
Alternatives and similar repositories for NidhoggCSharpApi
Users that are interested in NidhoggCSharpApi are comparing it to the libraries listed below
Sorting:
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆37Updated 4 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- ☆36Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆54Updated 2 months ago
- Modify managed functions from unmanaged code☆52Updated last year
- A work in progress BOF/COFF loader in Rust☆51Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 7 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- ☆28Updated 7 months ago
- ☆50Updated last month
- A C# implementation of dumping credentials from Windows Credential Manager☆60Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆43Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- Hooked create process injection for meterpreter☆23Updated 4 years ago
- ☆54Updated 2 years ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆26Updated 2 months ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- Bypassing Amsi using LdrLoadDll☆45Updated 7 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year
- Persistence via Shell Extensions☆62Updated 2 years ago
- Linux Sleep Obfuscation☆105Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆25Updated 11 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- ☆23Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- Beacon Debugger☆52Updated 10 months ago