ProcessusT / CobaltStrikeBypassDefenderLinks
A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique
☆27Updated 2 years ago
Alternatives and similar repositories for CobaltStrikeBypassDefender
Users that are interested in CobaltStrikeBypassDefender are comparing it to the libraries listed below
Sorting:
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- ☆55Updated 8 months ago
- C++ Code to perform a MiniDump of lsass.exe☆34Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆54Updated 2 years ago
- ☆18Updated 8 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆70Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆85Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆51Updated 2 years ago
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit☆40Updated last year
- A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc.☆38Updated last year
- Various methods of executing shellcode☆70Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)☆41Updated last year
- PowerShell script to terminate protected processes such as anti-malware and EDRs.☆26Updated 2 years ago
- ☆34Updated 3 months ago
- ☆36Updated 2 years ago
- ☆19Updated 2 years ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆28Updated 2 years ago
- Cortex EDR Ransomware protection Bypass☆24Updated 4 months ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- API Hammering with C++20☆46Updated 2 years ago
- Section-based payload obfuscation technique for x64☆61Updated 10 months ago
- Just another ntdll unhooking using Parun's Fart technique☆75Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆47Updated last year
- The Web UI for Antnium