M01N-Team / HeaderLessPELinks
☆242Updated 2 years ago
Alternatives and similar repositories for HeaderLessPE
Users that are interested in HeaderLessPE are comparing it to the libraries listed below
Sorting:
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆205Updated 2 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆144Updated 3 years ago
- Cobalt Strike Beacon Object File for bypassing UAC via the CMSTPLUA COM interface.☆202Updated 3 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆202Updated 3 years ago
- WPTaskScheduler RPC Persistence & CVE-2024-49039 via Task Scheduler☆129Updated 3 months ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- Windows LPE☆132Updated last year
- A simple Sleepmask BOF example☆140Updated 4 months ago
- CobaltStrike beacon in rust☆206Updated last year
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆178Updated 2 months ago
- ☆57Updated last year
- Misc TaskScheduler Plays☆234Updated 3 years ago
- A basic emulation of an "RPC Backdoor"☆243Updated 3 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆143Updated 3 years ago
- ☆59Updated 11 months ago
- A Tool that aims to evade av with binary padding☆155Updated last year
- ☆100Updated last year
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆136Updated 3 years ago
- Lockbit3.0 Microsoft Defender MpClient.dll DLL Hijacking PoC☆178Updated 3 years ago
- Credential Guard Bypass Via Patching Wdigest Memory☆330Updated 2 years ago
- Little program written in C# to bypass EDR hooks and dump the content of the lsass process☆61Updated 4 years ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆248Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆236Updated 8 months ago
- Silently Install Chrome Extension For Persistence☆92Updated last year
- ☆142Updated 2 years ago
- Beacon compiled using clang☆71Updated 2 years ago
- Tired of looking at hex all day and popping '\x41's? Rather look at Lugia/Charmander? I have the solution for you.☆126Updated 3 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆315Updated 3 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆294Updated 2 years ago
- Go implementation of the self-deletion of an running executable from disk☆112Updated 2 years ago