Nariod / ronflexLinks
Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pentesters. Written in Rust.
☆13Updated 2 years ago
Alternatives and similar repositories for ronflex
Users that are interested in ronflex are comparing it to the libraries listed below
Sorting:
- ☆48Updated 2 years ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated 2 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆27Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Updated 2 years ago
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 2 years ago
- Collection of Rust repos useful for Red Teamers.☆32Updated 2 years ago
- ☆18Updated 2 weeks ago
- Rust Implementation of SharpDllProxy for DLL Proxying Technique☆30Updated 2 years ago
- A collection of random small Aggressor snippets that don't warrant their own repo☆24Updated 2 years ago
- in-process powershell runner for BRC4☆45Updated last year
- ☆34Updated 3 months ago
- ☆59Updated last year
- Example of using Sleep to create better named pipes.☆41Updated last year
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated last year
- Donut generator in rust.☆27Updated 3 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated 2 years ago
- Event Tracing for Windows EDR bypass in Rust (usermode)☆26Updated last year
- Custom Python shellcode encryptor and obfuscator☆12Updated last year
- ShellcodeFluctuation PoC ported to Nim☆77Updated 2 years ago
- Beacon Object File implementation of Yaxser's Backstab☆15Updated 3 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year
- ☆48Updated 2 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- Stealthy Loader-cum-dropper/stage-1/stager targeting Windows10☆37Updated 2 years ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 6 months ago
- Abusing autoElevate - Fully Undetectable UAC Bypass exploit☆11Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- ☆36Updated last year