MMitsuha / Tajimari
the Open Source and Pure C++ Packer for eXecutables
☆18Updated last year
Related projects: ⓘ
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆64Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆31Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆34Updated 9 months ago
- API Hammering with C++20☆34Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- ☆33Updated last year
- ☆38Updated this week
- A method to execute shellcode using RegisterWaitForInputIdle API.☆50Updated last year
- ☆36Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆37Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- ☆37Updated last year
- BYOVD collection☆19Updated 5 months ago
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆23Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆49Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- ☆73Updated this week
- ☆24Updated this week
- ☆25Updated this week
- ☆50Updated this week
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆18Updated 11 months ago
- Collection of Rust repos useful for Red Teamers.☆26Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆41Updated 6 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆93Updated last year
- ☆12Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆18Updated last year
- Persistence via Shell Extensions☆60Updated last year
- Artemis - C++ Hell's Gate Syscall Implementation☆31Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆32Updated 8 months ago