Obfuscate the bytes of your payload with an association dictionary
☆75Nov 7, 2025Updated 3 months ago
Alternatives and similar repositories for Dictofuscation
Users that are interested in Dictofuscation are comparing it to the libraries listed below
Sorting:
- Automate your C2 creation with Azure Frontdoor and randomly generated options☆15Sep 20, 2024Updated last year
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- ☆36Feb 12, 2026Updated 2 weeks ago
- 2 PE Loader tools that load a PE from memory, decrypt it and make some magic things to execute seamlessly from memory☆50Nov 7, 2025Updated 3 months ago
- Attempts to suspend all known AV/EDRs processes on Windows using syscalls and the undocumented NtSuspendProcess API. Made with <3 for pen…☆13May 11, 2023Updated 2 years ago
- This exploit is utilising AddressOfEntryPoint of process which is RX and using WriteProcessMemory internal magic to change the permission…☆18Oct 31, 2024Updated last year
- Thats it! An Open-Source Windows UEFI Rootkit☆28Jul 19, 2025Updated 7 months ago
- ☆38Oct 16, 2025Updated 4 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆34Sep 21, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆93Apr 27, 2025Updated 10 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Backend development stack for agents☆29Jul 30, 2025Updated 7 months ago
- Collection of red team techniques.☆67Apr 25, 2025Updated 10 months ago
- .bin file to shellcode convertor☆39Jul 5, 2024Updated last year
- A generic sysreptor template to write on-premise related Altered Security's certifications reports of compromission.☆24Aug 17, 2025Updated 6 months ago
- The tool used to clone the digital signatures of legitimate programs☆56Oct 11, 2025Updated 4 months ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- Stage 0☆169Dec 18, 2024Updated last year
- Less sugar (entropy) for your binaries☆33Sep 10, 2025Updated 5 months ago
- ☆37Aug 8, 2021Updated 4 years ago
- Projected developed for fun only that simulates APT 29 and Lockbit TTPs, showcasing phishing, ISO execution, and DLL proxying for persist…☆61May 3, 2024Updated last year
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M…☆21Jul 14, 2024Updated last year
- Cortex EDR Ransomware protection Bypass☆26Feb 8, 2025Updated last year
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- ☆44Apr 27, 2024Updated last year
- A Havoc UI tool to pivot onto a machine using ligolo-ng☆50Jan 23, 2024Updated 2 years ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- A launcher to load a DLL with xored cobalt strike shellcode executed in memory through process hollowing technique☆27Nov 11, 2022Updated 3 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆169May 17, 2023Updated 2 years ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆281Apr 6, 2025Updated 10 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆204Mar 6, 2025Updated 11 months ago
- LibreHealth v2.0.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) …☆13Jul 19, 2020Updated 5 years ago