OffenseTeacher / Steganim
☆47Updated last year
Related projects: ⓘ
- A care package of useful bofs for red team engagments☆47Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- Click Once + App Domain☆61Updated 9 months ago
- A VSCode devcontainer for development of COFF files with batteries included.☆47Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆32Updated 8 months ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- ☆27Updated 3 months ago
- Rewrite to fit my needs☆25Updated last month
- ☆57Updated 9 months ago
- ☆54Updated last month
- Determine if the WebClient Service (WebDAV) is running on a remote system☆15Updated 6 months ago
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- A pure C version of SymProcAddress☆23Updated 6 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆50Updated 6 months ago
- ☆45Updated last year
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆18Updated last year
- ☆38Updated this week
- Lockless BOF☆62Updated 7 months ago
- ☆52Updated this week
- Python module for running BOFs☆63Updated last year
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 4 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆49Updated last year
- Sample Rust Hooking Engine☆32Updated 5 months ago
- in-process powershell runner for BRC4☆35Updated 10 months ago
- PoC XLL builder in Python/Nim☆40Updated last year
- Section-based payload obfuscation technique for x64☆59Updated last month
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆72Updated last month
- A more reliable way of resolving syscall numbers in Windows☆49Updated 7 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated last year
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆25Updated 2 years ago