Logan-Elliott / HollowGhostLinks
Process hollowing C# shellcode runner that is FUD against Microsoft Defender as of October 7, 2023.
☆20Updated last year
Alternatives and similar repositories for HollowGhost
Users that are interested in HollowGhost are comparing it to the libraries listed below
Sorting:
- Generate an Alphabetical Polymorphic Shellcode☆114Updated last month
- A PoC for Early Cascade process injection technique.☆193Updated 7 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆81Updated 4 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆148Updated this week
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆42Updated 9 months ago
- Injecting DLL into LSASS at boot☆138Updated 4 months ago
- .NET assembly loader with patchless AMSI and ETW bypass in Rust☆53Updated 11 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆121Updated 8 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆163Updated last year
- ☆203Updated last year
- early cascade injection PoC based on Outflanks blog post☆230Updated 10 months ago
- The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously.☆27Updated last year
- Malicious powershell scripts loader designed to avoid detection.☆51Updated 2 years ago
- BOF with Synthetic Stackframe☆167Updated 6 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆176Updated last month
- 🧠 The ultimate, community-curated resource for Beacon Object Files (BOFs) — tutorials, how-tos, deep dives, and reference materials.☆83Updated 2 weeks ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆132Updated 3 months ago
- Ghosting-AMSI☆217Updated 4 months ago
- Mockingjay process self injection POC☆39Updated 2 years ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆27Updated 10 months ago
- ☆120Updated 6 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆255Updated 5 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆173Updated 6 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆114Updated 2 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆187Updated 7 months ago
- a port of privkit bof for havoc�☆23Updated last year
- Sleep obfuscation☆234Updated 9 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆160Updated last year
- ☆134Updated 2 weeks ago