Founding is a generator that will create a loader encrypted or obfuscated with different execution types
☆127Aug 23, 2025Updated 6 months ago
Alternatives and similar repositories for Founding
Users that are interested in Founding are comparing it to the libraries listed below
Sorting:
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 3 months ago
- A tool to interact with Windows drivers to perform a raw disk read and parse out target files without calling standard Windows file APIs☆107Sep 4, 2025Updated 5 months ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆11May 17, 2024Updated last year
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated last month
- Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform☆18Apr 17, 2024Updated last year
- Nakamoto is a 2 layer encryption tool to protect your data and your cyptocurrency☆15Nov 13, 2025Updated 3 months ago
- Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered b…☆82Nov 15, 2025Updated 3 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆85Oct 20, 2025Updated 4 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆185Jan 17, 2026Updated last month
- A portable C# utility for enumerating local and remote windows sessions☆55Jan 1, 2026Updated last month
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆33Feb 6, 2026Updated 3 weeks ago
- sideloading PoC using onedrive.exe & version.dll☆91Oct 30, 2025Updated 3 months ago
- Windows anti-debugging sandbox☆40Dec 24, 2025Updated 2 months ago
- EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify…☆100Feb 4, 2026Updated 3 weeks ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆55Jul 13, 2025Updated 7 months ago
- Eve is a JAMF exploitation toolkit used to interact with locally hosted JAMF servers and those hosted on jamfcloud.com.☆42Sep 16, 2025Updated 5 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆65Jan 13, 2026Updated last month
- Automating the MITM attack on WSUS☆308Updated this week
- ☆48Nov 26, 2025Updated 3 months ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆23Aug 27, 2022Updated 3 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆13Jul 15, 2023Updated 2 years ago
- Pentest utils☆14Oct 8, 2016Updated 9 years ago
- A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…☆23Jan 17, 2026Updated last month
- ☆20Sep 6, 2025Updated 5 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- 🛡️Proactive ransomware defense for Windows, providing secure file hiding through camouflage, encrypted mappings, smart shortcuts and sea…☆16Oct 14, 2025Updated 4 months ago
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated last month
- ☆14Jul 26, 2025Updated 7 months ago
- ReconPro is a specialized Google dorking tool designed for cybersecurity professionals and bug bounty hunters.☆44Updated this week
- ☆58Dec 10, 2025Updated 2 months ago
- Caddy v2 module to filter requests based on C2 profiles☆46Apr 24, 2025Updated 10 months ago
- Group Policy Objects manipulation and exploitation framework☆291Dec 7, 2025Updated 2 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- ☆30Oct 13, 2025Updated 4 months ago
- Slides and material from my conference presentations☆16Mar 30, 2024Updated last year
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- ShadowDropper is a utility for covertly delivering and executing payloads on a target system.☆27Jul 4, 2025Updated 7 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Dec 11, 2023Updated 2 years ago
- A Beacon Object File (BOF) for Havoc/CS to Bypass PPL and Dump Lsass☆167Sep 22, 2025Updated 5 months ago