Nariod / ronflex
Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pentesters. Written in Rust.
☆13Updated last year
Alternatives and similar repositories for ronflex:
Users that are interested in ronflex are comparing it to the libraries listed below
- Rust Implementation of SharpDllProxy for DLL Proxying Technique☆30Updated 2 years ago
- ☆48Updated last year
- LSTAR - CobaltStrike Translated to EN☆13Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Event Tracing for Windows EDR bypass in Rust (usermode)☆18Updated 9 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- Working repo used to experiment with various languages as it relates to offensive security & evasion.☆31Updated 9 months ago
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆40Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- ☆35Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆36Updated 2 years ago
- Donut generator in rust.☆26Updated 3 years ago
- idk man this was the default github name☆35Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- A collection of source code, binaries, and compilation scripts designed to bypass detection☆25Updated 2 years ago
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80☆19Updated last year
- ☆59Updated last year
- Just another ntdll unhooking using Parun's Fart technique☆74Updated 2 years ago
- Custom Python shellcode encryptor and obfuscator☆12Updated 11 months ago
- Just another Process Injection using Process Hollowing technique.☆16Updated last year
- in-process powershell runner for BRC4☆45Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated last year
- Tool to aid in dumping LSASS process remotely☆38Updated 8 months ago
- Create PDFs with HTML smuggling attachments that save on opening the document.☆29Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Beacon Object File implementation of Yaxser's Backstab☆15Updated 3 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆74Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆28Updated last year