S3lrius / Nimalathatep
Nim Payload Generation
☆59Updated last year
Alternatives and similar repositories for Nimalathatep:
Users that are interested in Nimalathatep are comparing it to the libraries listed below
- A tool for converting SysWhispers2 syscalls for use with Nim projects☆118Updated 3 years ago
- C# havoc implant☆98Updated 2 years ago
- ☆152Updated last year
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆98Updated 2 years ago
- ErebusGate for Nim Bypass AV/EDR☆160Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆144Updated 2 years ago
- D/Invoke implementation in Nim☆100Updated 2 years ago
- COFF and BOF Loader written in Nim☆170Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆152Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆225Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆125Updated last year
- Havoc C2 profile generator☆73Updated 4 months ago
- WIP shellcode loader in nim with EDR evasion techniques☆209Updated 2 years ago
- Useful Cobalt Strike BOFs found or used during engagements☆138Updated last year
- A collection of (even more) alternative shellcode callback methods in CSharp☆69Updated 4 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆90Updated 2 years ago
- An all-in-one Cobalt Strike BOF to patch, check and revert AMSI and ETW for x64 process. Both syscalls and dynamic resolve versions are a…☆128Updated 2 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆214Updated last year
- ☆139Updated 2 years ago
- ☆55Updated 11 months ago
- ☆79Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆111Updated last year
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆65Updated 5 months ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆92Updated 2 years ago
- Do some DLL SideLoading magic☆79Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆76Updated 2 years ago
- A BOF to automate common persistence tasks for red teamers☆273Updated 2 years ago
- Start new PowerShell without etw and amsi in pure nim☆157Updated 3 years ago
- Coerce Windows machines auth via MS-EVEN☆157Updated last year
- ☆95Updated last year