Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueApcThreadEx2) for stealthy execution. Minimal permissions, no allocations/protection changes
☆68Feb 17, 2026Updated last month
Alternatives and similar repositories for FrankensteinAPCInjection
Users that are interested in FrankensteinAPCInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆69Mar 11, 2026Updated 3 weeks ago
- Notion C2 Profile for Mythic☆42Mar 3, 2026Updated last month
- ClickForClickOnce - Generate configurable clickonce payloads☆93Oct 10, 2025Updated 5 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 9 months ago
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated 9 months ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆81Nov 6, 2025Updated 5 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆52Nov 2, 2025Updated 5 months ago
- ☆59Updated this week
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- A BloodHound collector written in Go that discovers Linux and SSH attack paths. Outputs OpenGraph JSON and integrates with existing Sharp…☆84Feb 27, 2026Updated last month
- ☆46Dec 5, 2023Updated 2 years ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆139Dec 7, 2025Updated 4 months ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆42Aug 10, 2025Updated 7 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆20Nov 11, 2025Updated 4 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- a BOF implementation of various registry persistence methods☆96Nov 11, 2025Updated 4 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- ☆108Aug 21, 2024Updated last year
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆289Feb 21, 2026Updated last month
- TLS fingerprint emulation upstream proxy replay any ClientHello☆37Updated this week
- Bof of RegPwn by MDSec☆115Mar 15, 2026Updated 3 weeks ago
- Opengraph-Compatible JSON Generator for BloodHound☆27Mar 30, 2026Updated last week
- ForsHops☆153Mar 25, 2025Updated last year
- Headless Binary Ninja MCP server — giving AI agents deep reverse-engineering capabilities via 180 tools.☆179Mar 4, 2026Updated last month
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- adws enumeration bof☆170Feb 16, 2026Updated last month
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆119Mar 27, 2026Updated last week
- exchange接口爆破|邮箱爆破☆20Sep 19, 2024Updated last year
- Sleep obfuscation☆272Dec 13, 2024Updated last year
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆33Dec 31, 2025Updated 3 months ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆40Nov 4, 2025Updated 5 months ago
- ASPX Web Shell with COFF Loader☆126Mar 10, 2026Updated 3 weeks ago
- Multi-protocol credential validation tool with spray and no-spray modes for penetration testing.☆15Jan 4, 2026Updated 3 months ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆46Jul 9, 2025Updated 9 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click and start building anything your business needs.
- Open KLara Project☆36Feb 12, 2026Updated last month
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆103Jan 9, 2026Updated 3 months ago
- Microsoft Entra ID (Azure AD) Unauthenticated Enumeration☆70Feb 5, 2026Updated 2 months ago
- ☆21Jun 9, 2023Updated 2 years ago
- Hackers Cookbook - Tons of hacker cli recipes ready to search and use when you need them☆45Mar 12, 2026Updated 3 weeks ago
- Azure apim mini proxy☆55Feb 16, 2026Updated last month
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆265Sep 23, 2025Updated 6 months ago