A method to execute shellcode using RegisterWaitForInputIdle API.
☆55Apr 4, 2023Updated 2 years ago
Alternatives and similar repositories for IDLE-Abuse
Users that are interested in IDLE-Abuse are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- ☆37Feb 11, 2023Updated 3 years ago
- Simple BOF to read the protection level of a process☆119May 10, 2023Updated 2 years ago
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- Tool for efficient directory enumeration☆64Jan 27, 2026Updated last month
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Brute Ratel LDAP filtering and sorting tool. Easily take BR log output and pull hostnames for ease of use with other red team tooling. Su…☆38Nov 16, 2023Updated 2 years ago
- Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…☆173Apr 27, 2023Updated 2 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆174Mar 15, 2023Updated 3 years ago
- Small PoC of using a Microsoft signed executable as a lolbin.☆141Feb 27, 2023Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- Weaponized HellsGate/SigFlip☆204Jun 7, 2023Updated 2 years ago
- ☆79Aug 2, 2023Updated 2 years ago
- Winsocket for Cobalt Strike.☆104Jul 6, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Simple dotnet Native AOT app that uses AsmResolver to convert shellcode to PE☆65May 1, 2023Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Mar 23, 2023Updated 3 years ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 3 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- ☆29May 16, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆303Oct 26, 2022Updated 3 years ago
- Bypassing PatchGuard on modern x64 systems☆265Apr 9, 2023Updated 2 years ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆203Jun 23, 2023Updated 2 years ago
- ☆38Jun 5, 2023Updated 2 years ago
- ☆91Jul 18, 2023Updated 2 years ago
- This code example allows you to create a malware.exe sample that can be run in the context of a system service, and could be used for loc…☆55May 8, 2023Updated 2 years ago
- ☆125Jun 28, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- WIP shellcode loader in nim with EDR evasion techniques☆219Mar 30, 2022Updated 3 years ago
- ☆246Sep 19, 2023Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C☆137Sep 20, 2025Updated 6 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- A RunAs clone with the ability to specify the password as an argument.☆112Jul 2, 2023Updated 2 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆189Apr 19, 2023Updated 2 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆308Feb 13, 2023Updated 3 years ago