ProcessusT / CobaltStrikeBypassDefender
A launcher to load a DLL with XORed Cobalt Strike shellcode executed in memory through the process hollowing technique
☆26 Updated 2 years ago
Alternatives and similar repositories for CobaltStrikeBypassDefender
Users that are interested in CobaltStrikeBypassDefender are comparing it to the libraries listed below
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆24 Updated 8 months ago
- Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831) ☆41 Updated last year
- MS Office and Windows HTML RCE (CVE-2023-36884) - PoC and exploit ☆40 Updated last year
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆85 Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆54 Updated 2 years ago
- ☆18 Updated 7 months ago
- Custom Python shellcode encryptor and obfuscator ☆12 Updated last year
- Classic Process Injection with Memory Evasion Techniques implementation ☆70 Updated last year
- ☆36 Updated 2 years ago
- API Hammering with C++20 ☆46 Updated 2 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg ☆46 Updated last year
- Just another Process Injection using Process Hollowing technique. ☆17 Updated last year
- NativePayload_PE1/PE2, Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R… ☆60 Updated 2 years ago
- C++ Code to perform a MiniDump of lsass.exe ☆34 Updated last year
- Shellcode Loader using indirect syscalls ☆15 Updated last year
- Various methods of executing shellcode ☆70 Updated 2 years ago
- The Web UI for Antnium ☆27 Updated 2 years ago
- Basic implementation of Cobalt Strike's User Defined Reflective Loader feature ☆100 Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ ☆41 Updated 2 years ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ☆41 Updated last year
- Winsocket for Cobalt Strike. ☆98 Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆23 Updated last year
- ☆55 Updated 7 months ago
- Your NTDLL vaccine from modern direct syscall methods. ☆35 Updated 3 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆33 Updated 2 years ago
- Create Anti-Copy DRM Malware ☆57 Updated 9 months ago
- PowerShell script to terminate protected processes such as anti-malware and EDRs. ☆26 Updated last year
- BYOVD Technique Example using viragt64 driver ☆40 Updated 10 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆32 Updated last year
- Cortex EDR Ransomware protection Bypass ☆24 Updated 4 months ago