MzHmO / articles
☆33Updated 4 months ago
Related projects ⓘ
Alternatives and complementary repositories for articles
- To audit the security of read-only domain controllers☆113Updated 11 months ago
- ☆87Updated 2 months ago
- Execute commands in other Sessions☆80Updated 3 months ago
- ☆42Updated 2 years ago
- ☆77Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆72Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆88Updated 9 months ago
- Python tool to interact with WMI StdRegProv☆43Updated this week
- Library of BOFs to interact with SQL servers☆146Updated this week
- Secretsdump C# version only supporting local (live) operation☆47Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 10 months ago
- ☆66Updated 3 months ago
- ☆94Updated last year
- ☆83Updated 6 months ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆37Updated 10 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated last month
- A C# port from Invoke-GhostTask☆110Updated 10 months ago
- ☆62Updated 9 months ago
- Abuse leaked token handles.☆130Updated 11 months ago
- Beacon Object Files (BOF) for Cobalt Strike.☆28Updated 2 months ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆108Updated last month
- Go Shellcode Loader to be Integrated in Exploration C2☆21Updated last week
- Aggressor script add-in for CobaltStrike to track file uploads☆35Updated 2 years ago
- ApexLdr is a DLL Payload Loader written in C☆105Updated 4 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- Construct the payload at runtime using an array of offsets☆58Updated 5 months ago
- Golang implementation of @CCob's C# ThreadlessInject☆30Updated 6 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆72Updated 9 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month