M01N-Team / HeaderLessPELinks
☆244Updated 2 years ago
Alternatives and similar repositories for HeaderLessPE
Users that are interested in HeaderLessPE are comparing it to the libraries listed below
Sorting:
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Updated 2 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆200Updated 2 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆202Updated 3 years ago
- CobaltStrike beacon in rust☆207Updated last year
- WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler☆128Updated 2 months ago
- Windows LPE☆130Updated last year
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆176Updated last month
- A simple Sleepmask BOF example☆136Updated 3 months ago
- Bypass Detection By Randomising ROR13 API Hashes☆144Updated 3 years ago
- ☆100Updated last year
- ☆58Updated last year
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- Misc TaskScheduler Plays☆237Updated 3 years ago
- A Tool that aims to evade av with binary padding☆155Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆237Updated 7 months ago
- A basic emulation of an "RPC Backdoor"☆243Updated 3 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆247Updated last year
- Process injection alternative☆344Updated last year
- Credential Guard Bypass Via Patching Wdigest Memory☆331Updated 2 years ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆136Updated 3 years ago
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆178Updated 3 years ago
- Silently Install Chrome Extension For Persistence☆92Updated last year
- ApexLdr is a DLL Payload Loader written in C☆113Updated last year
- PoC exploit for the vulnerable WatchDog Anti-Malware driver (amsdk.sys) – weaponized to kill protected EDR/AV processes via BYOVD.☆154Updated 3 weeks ago
- ☆59Updated 10 months ago
- An implementation of an indirect system call☆131Updated 2 years ago
- Beacon compiled using clang☆71Updated 2 years ago
- ☆142Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆236Updated 2 years ago
- Go implementation of the self-deletion of an running executable from disk☆112Updated 2 years ago