Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueApcThreadEx2) for stealthy execution. Minimal permissions, no allocations/protection changes
☆75Feb 17, 2026Updated 3 months ago
Alternatives and similar repositories for FrankensteinAPCInjection
Users that are interested in FrankensteinAPCInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆82Apr 11, 2026Updated last month
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated last month
- Bof of RegPwn by MDSec☆123Mar 15, 2026Updated 2 months ago
- ClickForClickOnce - Generate configurable clickonce payloads☆95Apr 17, 2026Updated last month
- a BOF implementation of various registry persistence methods☆97Nov 11, 2025Updated 6 months ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆19Jun 26, 2025Updated 11 months ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 11 months ago
- ☆111Aug 21, 2024Updated last year
- Command and Control Framework using powershell implants☆36Jun 17, 2025Updated 11 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆87Nov 6, 2025Updated 7 months ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆54Nov 2, 2025Updated 7 months ago
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 6 months ago
- ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.☆33Apr 12, 2026Updated last month
- Folder Or File Delete to Get System Shell on Current Session Desktop☆46Jan 14, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- A Beacon Object File (BOF) that talks directly to Windows authentication packages through the LSA untrusted/trusted client interface, wit…☆296Feb 21, 2026Updated 3 months ago
- ForsHops☆154Mar 25, 2025Updated last year
- A BloodHound collector written in Go that discovers Linux and SSH attack paths. Outputs OpenGraph JSON and integrates with existing Sharp…☆86May 16, 2026Updated 3 weeks ago
- ☆47Dec 5, 2023Updated 2 years ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆139Dec 7, 2025Updated 6 months ago
- Impacket pre-compiled binaries☆20Jul 31, 2023Updated 2 years ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆46Aug 10, 2025Updated 9 months ago
- ☆84Apr 8, 2026Updated 2 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆134Oct 4, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- test☆107Apr 25, 2026Updated last month
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- Crystal Palace library for proxying Nt API calls via the Threadpool. Updated for call gadgets.☆23Nov 11, 2025Updated 6 months ago
- A headless MCP server for IDA Pro and Ghidra☆99Updated this week
- A tool to easily perform GitHub Device Code Phishing on red team engagements☆95Feb 9, 2026Updated 4 months ago
- TLS fingerprint emulation upstream proxy replay any ClientHello☆48Apr 6, 2026Updated 2 months ago
- Opengraph-Compatible JSON Generator for BloodHound☆28Mar 30, 2026Updated 2 months ago
- ProxyWatch☆49Apr 25, 2026Updated last month
- Generate polymorphic, position-independent virtual machines (PIVMs) from arbitrary x86/x64 shellcode.☆426Updated this week
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆92Oct 13, 2024Updated last year
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆28May 4, 2026Updated last month
- Async BOF implementation of 'Rubeus monitor' to detect and automatically extract Kerberos TGTs as they appear on a target system.☆121Updated this week
- Beacon Object File for Cobalt Strike that executes .NET assemblies in beacon with evasion techniques.☆194Dec 23, 2025Updated 5 months ago
- adws enumeration bof☆172Feb 16, 2026Updated 3 months ago
- A Tool that aims to evade av with binary padding☆161Jun 28, 2024Updated last year
- Headless Binary Ninja MCP server — giving AI agents deep reverse-engineering capabilities via 180 tools.☆211May 20, 2026Updated 2 weeks ago