A simple implant showcasing modern C++
☆108Dec 6, 2020Updated 5 years ago
Alternatives and similar repositories for cpp-implant
Users that are interested in cpp-implant are comparing it to the libraries listed below
Sorting:
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab).☆234Dec 14, 2024Updated last year
- ☆48Mar 19, 2020Updated 5 years ago
- C++ implant that interfaces with a SK8PARK server☆49Jun 28, 2021Updated 4 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆192Mar 26, 2020Updated 5 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- Service Enumeration C# .NET Assembly☆58Sep 14, 2021Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆121Jun 24, 2020Updated 5 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Oct 10, 2022Updated 3 years ago
- ☆51Sep 18, 2020Updated 5 years ago
- C# Implementation of Jared Atkinson's Get-InjectedThread.ps1☆54Jul 11, 2021Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- ☆113Oct 10, 2022Updated 3 years ago
- ☆23May 28, 2021Updated 4 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Beacon Object File (BOF) for remote process injection via thread hijacking☆220Jan 13, 2021Updated 5 years ago
- A tool to create COM class/interface relationships in neo4j☆50Oct 12, 2022Updated 3 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- A proof-of-concept tool that attempts to retrieve the configuration from the memory dump of an F-Secure C3 Relay executable.☆17Jul 2, 2021Updated 4 years ago
- A novel technique to communicate between threads using the standard ETHREAD structure☆116Feb 27, 2021Updated 5 years ago
- AppXSVC Service race condition - privilege escalation☆30Jul 30, 2019Updated 6 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- PoC code from blog☆16Mar 10, 2020Updated 5 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- ☆73Oct 24, 2021Updated 4 years ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆129May 25, 2021Updated 4 years ago
- FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!☆358Sep 1, 2022Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆164May 27, 2020Updated 5 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG☆313Sep 16, 2021Updated 4 years ago
- KaynLdr is a Reflective Loader written in C/ASM☆555Dec 3, 2023Updated 2 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆32Nov 17, 2019Updated 6 years ago
- Caesar-Cipher based encryption☆29Mar 1, 2021Updated 5 years ago
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- Managed assembly shellcode generation☆280Mar 19, 2021Updated 4 years ago
- Proper Payload Protection Prevents Poor Performance☆76Jul 27, 2022Updated 3 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load().☆218Mar 5, 2020Updated 5 years ago
- WMI SA stuffs☆30Apr 18, 2022Updated 3 years ago
- A C# tool to search through a running instance of Outlook for keywords☆111Jan 14, 2021Updated 5 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago