Command line & PPID spoofing
☆29Apr 15, 2023Updated 2 years ago
Alternatives and similar repositories for PEB-PPIDspoofing_Csharp
Users that are interested in PEB-PPIDspoofing_Csharp are comparing it to the libraries listed below
Sorting:
- A Simple ShellcodeLoader☆11Jun 4, 2021Updated 4 years ago
- Bypass windows eventlogs & Sysmon☆20Aug 24, 2021Updated 4 years ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- HookDetection☆45Sep 3, 2021Updated 4 years ago
- Process inject technique "Thread hijacking" via csharp☆15Dec 18, 2021Updated 4 years ago
- Inject shellcode into process via "EarlyBird"☆26Aug 30, 2021Updated 4 years ago
- ProcessHollowing via csharp☆13Dec 21, 2021Updated 4 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Sep 6, 2021Updated 4 years ago
- Bypass AMSI☆13Aug 8, 2021Updated 4 years ago
- Load shellcode via syscall☆56Jul 28, 2021Updated 4 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- ShellCodeLoader via DInvoke☆60Jul 5, 2021Updated 4 years ago
- Some stuff for PHD2021☆14May 21, 2025Updated 9 months ago
- 使用MiniDumpWriteDump与RtlReportSilentProcessExit实现提取lsass.dmp的工具☆11Dec 29, 2021Updated 4 years ago
- Bypassing ETW with Csharp☆27Oct 28, 2021Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- ☆31Aug 23, 2020Updated 5 years ago
- Perform Windows domain enumeration via LDAP☆37Jun 7, 2022Updated 3 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆41Sep 23, 2021Updated 4 years ago
- Beacon Object Files.☆36Feb 26, 2024Updated 2 years ago
- Original hVNC has been recoded to work with all version of windows above XP. Thanks to the original author for this wonderful tool.☆10Oct 13, 2021Updated 4 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆31Jan 14, 2023Updated 3 years ago
- 自研的linux_c2☆13Jun 28, 2023Updated 2 years ago
- Cobalt Strike DNS beacon parser☆11Nov 29, 2021Updated 4 years ago
- woodpecker-framework sdk☆10May 19, 2021Updated 4 years ago
- woodpecker框架专用bcel库☆12Apr 30, 2021Updated 4 years ago
- A Windows 11 Rootkit. (Exploit has been patched)☆16Sep 7, 2025Updated 6 months ago
- Visualy create and connect nodes. Generates xml for python multiprocessing pipeline. (needs rewrite, lots of dead code, specialized appli…☆12Sep 6, 2018Updated 7 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Oct 29, 2021Updated 4 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Aug 5, 2023Updated 2 years ago
- Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations☆12Dec 9, 2022Updated 3 years ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- SamrSearch can get user info and group info with MS-SAMR.☆15Feb 15, 2022Updated 4 years ago
- Certipy in Docker☆13Mar 28, 2024Updated last year
- 轻便的恶意反代☆48May 29, 2021Updated 4 years ago
- ☆26Jul 2, 2020Updated 5 years ago
- ☆31Sep 23, 2022Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and res…☆32Apr 28, 2025Updated 10 months ago