MythicAgents / Hannibal
A Mythic Agent written in PIC C.
☆175Updated last month
Alternatives and similar repositories for Hannibal:
Users that are interested in Hannibal are comparing it to the libraries listed below
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆182Updated 3 months ago
- ☆142Updated 7 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆118Updated this week
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆256Updated 5 months ago
- Stage 0☆153Updated 2 months ago
- "Service-less" driver loading☆148Updated 3 months ago
- ☆148Updated 3 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- Sleep obfuscation☆209Updated 3 months ago
- Construct the payload at runtime using an array of offsets☆62Updated 8 months ago
- Port of Cobalt Strike's Process Inject Kit☆167Updated 3 months ago
- ☆103Updated 4 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆231Updated 3 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 9 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆87Updated last month
- ☆170Updated 4 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆107Updated 2 months ago
- AzureAD beacon object files☆117Updated 2 months ago
- Adversary Emulation Framework☆91Updated 7 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆157Updated 2 months ago
- A PoC for Early Cascade process injection technique.☆163Updated last month
- ☆181Updated last year
- early cascade injection PoC based on Outflanks blog post☆207Updated 4 months ago
- A set of programs for analyzing common vulnerabilities in COM☆197Updated 6 months ago
- Windows rootkit designed to work with BYOVD exploits☆168Updated last month