☆134Aug 9, 2023Updated 2 years ago
Alternatives and similar repositories for wd-pretender
Users that are interested in wd-pretender are comparing it to the libraries listed below
Sorting:
- ☆36Oct 26, 2023Updated 2 years ago
- ☆301Oct 29, 2024Updated last year
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Aug 31, 2023Updated 2 years ago
- Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".☆748May 23, 2025Updated 9 months ago
- ☆57Jan 15, 2024Updated 2 years ago
- Abusing Azure services over C2☆367Jan 20, 2026Updated last month
- Simple-XSS is a multiplatform cross-site scripting (XSS) vulnerability exploitation tool.☆48Jul 2, 2025Updated 8 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- HashKitty is a user-friendly cross-platform Python wrapper for Hashcat designed to provide an easy password cracking experience for both …☆42Jul 18, 2024Updated last year
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆382Dec 13, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Analyse your malware to surgically obfuscate it☆520Dec 17, 2025Updated 2 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated last month
- An adaptation of timwhitez's proxycall that uses kernelbase.dll!Beep.☆16Nov 1, 2023Updated 2 years ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆609Feb 21, 2024Updated 2 years ago
- Azure DevOps Services Attack Toolkit☆313Mar 15, 2025Updated 11 months ago
- A BOF that runs unmanaged PEs inline☆682Oct 23, 2024Updated last year
- A comprehensive workshop aimed to equip participants with an in-depth understanding of modern Command and Control (C2) concepts, focusing…☆109Aug 11, 2023Updated 2 years ago
- Generate a proxy dll for arbitrary dll☆225Oct 19, 2024Updated last year
- This lightweight C# demo application showcases interactive remote shell access via named pipes and the SMB protocol.☆122Feb 21, 2025Updated last year
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆41Jul 29, 2025Updated 7 months ago
- ☆22Jul 15, 2023Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆345Nov 19, 2024Updated last year
- There were no proper POCs for CVE-2023-30533 so I made one. (Reported by Vsevolod Kokorin)☆12Aug 9, 2023Updated 2 years ago
- ☆245Sep 19, 2023Updated 2 years ago
- A set of fully-undetectable process injection techniques abusing Windows Thread Pools☆1,250Dec 11, 2023Updated 2 years ago
- C++ Code to perform a MiniDump of lsass.exe☆36Aug 2, 2023Updated 2 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆25Jul 26, 2024Updated last year
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- ☆170Jan 7, 2022Updated 4 years ago
- ☆59Nov 13, 2024Updated last year
- Collection of random RedTeam scripts.☆211Mar 8, 2024Updated 2 years ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆341Oct 7, 2024Updated last year
- Just some random Red Team Scripts that can be useful☆153Jun 28, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆1,006Jun 4, 2024Updated last year
- ☆16Dec 7, 2025Updated 3 months ago