Orange-Cyberdefense / EDRSnowblastView external linksLinks
This project is an EDRSandblast fork, adding some features and custom pieces of code.
☆25Sep 29, 2023Updated 2 years ago
Alternatives and similar repositories for EDRSnowblast
Users that are interested in EDRSnowblast are comparing it to the libraries listed below
Sorting:
- Another Portable Executable files analysing stuff☆21May 28, 2011Updated 14 years ago
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆50Jan 23, 2024Updated 2 years ago
- Dump LSASS by spoofing command line arguments to procdump.☆20Oct 21, 2024Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 9 months ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- TypeLib persistence technique☆139Oct 22, 2024Updated last year
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- Proof-of-Concept to evade auditd by tampering via ptrace☆18Aug 3, 2023Updated 2 years ago
- Abuse leaked token handles.☆136Dec 14, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- Port of Cobalt Strike's Process Inject Kit☆190Dec 1, 2024Updated last year
- NailaoLoader: Hiding Execution Flow via Patching☆22Feb 27, 2025Updated 11 months ago
- A lexer and parser for Sleep☆20May 14, 2025Updated 9 months ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆17May 6, 2024Updated last year
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆167May 30, 2024Updated last year
- ☆58Feb 16, 2025Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆186Mar 4, 2024Updated last year
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- ApexLdr is a DLL Payload Loader written in C☆116Jul 17, 2024Updated last year
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆254Oct 16, 2024Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆258Jun 29, 2024Updated last year
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- A C# port from Invoke-GhostTask☆119Jan 5, 2024Updated 2 years ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆307Dec 9, 2023Updated 2 years ago
- Mentally ill EtwTi parser☆67Jan 11, 2026Updated last month
- ☆126Sep 1, 2024Updated last year
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- find dll base addresses without PEB WALK☆157Jul 13, 2025Updated 7 months ago
- Tool to obtain hash using MS-SNTP for user accounts☆28Jan 22, 2025Updated last year
- C2 redirector base on caddy☆214May 28, 2024Updated last year
- ☆10Jul 1, 2023Updated 2 years ago