A simple implant showcasing modern C++
☆108Dec 6, 2020Updated 5 years ago
Alternatives and similar repositories for cpp-implant
Users that are interested in cpp-implant are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆237Dec 14, 2024Updated last year
- C++ implant that interfaces with a SK8PARK server☆49Jun 28, 2021Updated 4 years ago
- ☆23May 28, 2021Updated 4 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- ☆48Mar 19, 2020Updated 6 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆92Oct 10, 2022Updated 3 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆553Dec 3, 2023Updated 2 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆359Sep 1, 2022Updated 3 years ago
- Dynamic COFF object loader☆23Jun 29, 2018Updated 7 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- PoC code from blog☆16Mar 10, 2020Updated 6 years ago
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- AppXSVC Service race condition - privilege escalation☆30Jul 30, 2019Updated 6 years ago
- Beacon Object File (BOF) for remote process injection via thread hijacking☆220Jan 13, 2021Updated 5 years ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆61Jul 10, 2024Updated last year
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- all credits go to @mgeeky☆65Oct 14, 2021Updated 4 years ago
- https://blog.f-secure.com/hiding-malicious-code-with-module-stomping/☆126Sep 19, 2019Updated 6 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- Remove API hooks from a Beacon process.☆282Sep 18, 2021Updated 4 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- Red Team C code repo☆569Dec 16, 2024Updated last year
- Building and Executing Position Independent Shellcode from Object Files in Memory☆168Jan 30, 2021Updated 5 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆166May 27, 2020Updated 5 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- ☆259Nov 19, 2018Updated 7 years ago