M01N-Team / HeaderLessPELinks
☆240Updated last year
Alternatives and similar repositories for HeaderLessPE
Users that are interested in HeaderLessPE are comparing it to the libraries listed below
Sorting:
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆206Updated last year
- Dumping LSASS with a duplicated handle from custom LSA plugin☆201Updated 3 years ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆135Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆227Updated last year
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆185Updated 2 years ago
- CobaltStrike beacon in rust☆188Updated 9 months ago
- A Beacon Object File (BOF) template for Visual Studio☆197Updated 2 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆394Updated last year
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆72Updated last year
- Bypass Detection By Randomising ROR13 API Hashes☆140Updated 3 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆232Updated 2 years ago
- A simple Sleepmask BOF example☆101Updated 8 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆310Updated last year
- Windows LPE☆124Updated 11 months ago
- A Tool that aims to evade av with binary padding☆151Updated 11 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆239Updated 11 months ago
- ☆158Updated 2 years ago
- A basic emulation of an "RPC Backdoor"☆240Updated 2 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆305Updated 3 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆234Updated last year
- Execute shellcode files with rundll32☆197Updated last year
- Credential Guard Bypass Via Patching Wdigest Memory☆329Updated 2 years ago
- WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler☆120Updated 6 months ago
- ☆130Updated last year
- WIP shellcode loader in nim with EDR evasion techniques☆216Updated 3 years ago
- ApexLdr is a DLL Payload Loader written in C☆110Updated 10 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆330Updated 2 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆180Updated this week
- Write-up for another forgotten Windows vulnerability (0day): Microsoft Windows Contacts (VCF/Contact/LDAP) syslink control href attribute…☆154Updated last year
- ☆163Updated last year