S12cybersecurity / S12URootkit
User Mode Windows Rootkit
☆50 · Updated 8 months ago
Related projects:
- Abuse Xwizard.exe for DLL Side-Loading ☆82 · Updated last year
- Load static-compiled PE from remote server. ☆56 · Updated 2 years ago
- Explorer Persistence technique: Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll, when … ☆65 · Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol… ☆67 · Updated 7 months ago
- Akame is an open-source, UD shellcode loader written in C++17. ☆19 · Updated 2 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR … ☆145 · Updated last month
- Execute a payload at each right click on a file/folder in the explorer menu for persistence ☆164 · Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader ☆75 · Updated 6 months ago
- PDF Icon File Type Spoofer ☆12 · Updated 2 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆36 · Updated 6 months ago
- A rework of CMLuaUtil AutoElevated ☆23 · Updated last year
- Various methods of executing shellcode ☆67 · Updated last year
- ☆136 · Updated this week
- C2 ☆70 · Updated 2 weeks ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t… ☆81 · Updated 2 months ago
- Shellcode obfuscation tool to avoid AV/EDR. ☆104 · Updated last year
- shellcode-loaders and beacon-loaders ☆63 · Updated 10 months ago
- Windows shellcode encoding and encrypting tool ☆20 · Updated 2 years ago
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique ☆211 · Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles. ☆55 · Updated last year
- ShadeLoader is a shellcode loader designed to bypass most antivirus software. shellcode, antivirus software, bypass ☆36 · Updated last month
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (… ☆163 · Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now. ☆44 · Updated 4 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ☆35 · Updated 4 months ago
- Template-based generation of shellcode loaders ☆63 · Updated 5 months ago
- This program detects if any security software (AV, EDR, XDR, firewall, etc.) is running on the system. The program searches the list of r… ☆42 · Updated 3 months ago
- ☆67 · Updated this week
- Generic PE loader for fast prototyping evasion techniques ☆175 · Updated 2 months ago
- bring your own vulnerable driver ☆66 · Updated last year
- My personal shellcode loader ☆33 · Updated last year