A C++ tool for process memory scanning & suspicious telemetry generation that attempts to detect a number of malicious techniques used by threat actors & those which have been incorporated into open-source user-mode rootkits.
☆87May 13, 2024Updated last year
Alternatives and similar repositories for ELFieScanner
Users that are interested in ELFieScanner are comparing it to the libraries listed below
Sorting:
- Load a dynamic library from memory using a fuse mount☆31Sep 15, 2023Updated 2 years ago
- Create tar/zip archives that try to exploit zipslip vulnerability.☆48Sep 20, 2024Updated last year
- A C++ PoC implementation for enumerating Windows Fibers directly from memory☆22May 11, 2024Updated last year
- This repository contains an IDA processor for loading and disassembling compiled yara rules.☆51Dec 31, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Tools that can be useful for OSEP exam and PEN300 studies.☆73Mar 14, 2026Updated last week
- ☆12Aug 10, 2019Updated 6 years ago
- Mobile Reconnaissance Framework is a powerful, lightweight and platform-independent offensive mobile security tool designed to help hacke…☆79Feb 7, 2026Updated last month
- Identify hardcoded secrets in static structured text (version 2)☆98Feb 5, 2025Updated last year
- An interactive CLI application for interacting with authenticated Jupyter instances.☆55May 7, 2025Updated 10 months ago
- ��☆182Apr 24, 2025Updated 10 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆103Apr 27, 2025Updated 10 months ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- ☆11May 17, 2024Updated last year
- ☆42Nov 15, 2025Updated 4 months ago
- Fragtunnel is a proof-of-concept (PoC) TCP tunnel tool that you can use to tunnel your application's traffic and bypass next-generation f…☆220Jun 4, 2024Updated last year
- Read Chromium data (namely, cookies and local storage) straight from disk, without spinning up the browser.☆137May 7, 2025Updated 10 months ago
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆150May 3, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Tool created for Red Team to test default credentials on SSH and WinRM and then execute scripts with those credentials before the passwor…☆41May 7, 2023Updated 2 years ago
- To clean up your AWS AMIs: First, include AMIs by name or tag. Second, exclude AMIs in use, younger than N days, or the newest N images. …☆36Mar 10, 2026Updated last week
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- ☆155Jul 31, 2022Updated 3 years ago
- Segugio allows the execution and tracking of critical steps in the malware detonation process, from clicking on the first stage to extrac…☆151Sep 21, 2024Updated last year
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- Tooling and Scripts for Hacking Super Street Fighter II Cabinets☆18Aug 26, 2021Updated 4 years ago
- Android Overlay Hijack☆29Sep 11, 2024Updated last year
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password …☆166Apr 10, 2024Updated last year
- golang实现通过dcerpc和ntlmssp获取Windows远程主机信息☆28Apr 16, 2024Updated last year
- A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files☆127May 28, 2024Updated last year
- Semgrep-based Policy Controller for Kubernetes☆47Apr 4, 2025Updated 11 months ago
- ☆12May 9, 2023Updated 2 years ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- Intelligence and Reconnaissance Package/Bundle installer.☆28Nov 11, 2020Updated 5 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Protect against subdomain takeover☆95Jul 20, 2025Updated 8 months ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆104Apr 22, 2024Updated last year