☆25Apr 28, 2024Updated last year
Alternatives and similar repositories for ReadWriteDriverSample
Users that are interested in ReadWriteDriverSample are comparing it to the libraries listed below
Sorting:
- ☆31Jul 26, 2024Updated last year
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- Info on how to use Kerberos KDC on a non-domain joined host☆53Jul 31, 2024Updated last year
- Windbg extension port for rp++ is a fast C++ ROP gadget finder for PE/ELF/Mach-O x86/x64/ARM/ARM64 binaries.☆13Sep 8, 2023Updated 2 years ago
- ☆181Apr 24, 2025Updated 10 months ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- ☆126Sep 1, 2024Updated last year
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆105Jan 24, 2024Updated 2 years ago
- Exploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).☆18Oct 30, 2023Updated 2 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated last year
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds☆43Apr 14, 2024Updated last year
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆91Oct 10, 2022Updated 3 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- Keep it secret, keep it safe☆78Feb 6, 2025Updated last year
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- ☆57Apr 19, 2023Updated 2 years ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆150May 3, 2024Updated last year
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Apr 11, 2023Updated 2 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- Local & remote Windows DLL Proxying☆169Jun 17, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆27May 1, 2023Updated 2 years ago
- ☆18Dec 12, 2020Updated 5 years ago
- DFSCoerce exe revisited version with custom authentication☆42Jan 13, 2024Updated 2 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Interprocess communication via a covert timing channel☆26Oct 24, 2025Updated 4 months ago