ProcessusT / CobaltStrikeBypassDefender
A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique
☆24Updated last year
Related projects: ⓘ
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆39Updated last year
- Red Team Operation's Defense Evasion Technique.☆50Updated 3 months ago
- Do some DLL SideLoading magic☆72Updated 11 months ago
- ☆24Updated last year
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆50Updated last year
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆51Updated 7 months ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆79Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆55Updated 5 months ago
- Duplicate not owned Token from Running Process☆72Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆20Updated this week
- Token Elevation to authorized user as SYSTEM or Domain Admins☆22Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated 6 months ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆64Updated 2 years ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆57Updated last year
- RDLL for Cobalt Strike beacon to silence sysmon process☆85Updated 2 years ago
- ☆96Updated this week
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆86Updated 11 months ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago
- C# havoc implant☆90Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆81Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆37Updated 2 years ago
- PDF Icon File Type Spoofer☆12Updated 2 months ago
- A PoC for achieving persistence via push notifications on Windows☆43Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆64Updated 10 months ago
- ☆33Updated last year
- PoC-Malware-TTPs☆48Updated last year
- ☆90Updated 6 months ago
- Programmatically start WebClient from an unprivileged session to enable that juicy privesc.☆60Updated last year
- VirusTotal Stealer is a DATA Exfiltration tool that exfitrate office documents and tunnel them over VirusTotal API to the Team Server☆62Updated 11 months ago
- A repository with my code snippets for research/education purposes.☆51Updated last year