Specialized tool to dump Position Independent Code.
☆22 · Aug 4, 2020 · Updated 5 years ago
Alternatives and similar repositories for picaboo
Users that are interested in picaboo are comparing it to the libraries listed below
- WinRemoteEnum is a module-based collection of operations achievable by a low-privileged domain user. ☆13 · Oct 24, 2022 · Updated 3 years ago
- Dump Citrix Secure Access auth cookie from the process memory ☆76 · Jun 24, 2022 · Updated 3 years ago
- Finding Truth in the Shadows ☆125 · Jan 26, 2023 · Updated 3 years ago
- x64 Registration-Free In-Process COM Automation Server. ☆51 · Nov 28, 2022 · Updated 3 years ago
- various methods of making API calls ☆19 · Feb 1, 2025 · Updated last year
- A fast python tool for creating permutations of alphanumerics ☆11 · Mar 22, 2020 · Updated 5 years ago
- A library to parse, modify, and implement Malleable C2 profiles ☆27 · Feb 9, 2019 · Updated 7 years ago
- A PoC tool for exploiting leaked process and thread handles ☆32 · Feb 13, 2024 · Updated 2 years ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr… ☆69 · Jan 19, 2026 · Updated 2 months ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys ☆49 · Mar 10, 2023 · Updated 3 years ago
- A prototype malware C2 channel using x509 certificates over mTLS ☆152 · Mar 15, 2024 · Updated 2 years ago
- This tool parses NTDLL.DLL, extracts all the syscall numbers and helps in making direct syscalls, in order to help evasion. ☆15 · Jun 6, 2022 · Updated 3 years ago
- Dangling COM Keys Finder ☆17 · Nov 16, 2021 · Updated 4 years ago
- An example of how a driver can register a handle creation callback. ☆16 · Jun 12, 2023 · Updated 2 years ago
- Python API bindings for FireEye Products ☆13 · Feb 17, 2021 · Updated 5 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly ☆61 · May 24, 2022 · Updated 3 years ago
- A simple Linux in-memory .so loader ☆33 · Mar 29, 2023 · Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement ☆192 · Dec 14, 2022 · Updated 3 years ago
- Regex out URI parameters from backend code, craft URIs to check for reflections or send to local burp proxy ☆13 · Dec 8, 2022 · Updated 3 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆172 · May 17, 2023 · Updated 2 years ago
- Parses Cobalt Strike malleable C2 profiles. ☆61 · Updated this week
- A collection of sample code used in some experiments with Sliver C2 ☆16 · Mar 28, 2023 · Updated 2 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) ☆115 · May 21, 2023 · Updated 2 years ago
- Assembly block for finding and calling the windows API functions inside import address table(IAT) of the running PE file. ☆84 · May 3, 2023 · Updated 2 years ago
- Program to extract files from a WindowsCE firmware dump. ☆14 · Mar 20, 2022 · Updated 4 years ago
- C Header Only Library for Virii ☆11 · Nov 17, 2020 · Updated 5 years ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy. ☆42 · Oct 30, 2022 · Updated 3 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP ☆37 · Jul 27, 2021 · Updated 4 years ago
- A quick and dirty way to bypass encrypted EPA to connect to a NetScaler Gateway ☆20 · Oct 11, 2019 · Updated 6 years ago
- A collection of my presentation materials. ☆17 · Apr 29, 2024 · Updated last year
- Unchain AMSI by patching the provider’s unmonitored memory space ☆91 · Nov 24, 2022 · Updated 3 years ago
- function identification signatures ☆12 · Apr 26, 2021 · Updated 4 years ago