A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++
☆37Jan 10, 2024Updated 2 years ago
Alternatives and similar repositories for API-Hashing
Users that are interested in API-Hashing are comparing it to the libraries listed below
Sorting:
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆11Nov 24, 2023Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆112Jul 15, 2023Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 11 months ago
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- Citrix CVE-2023-4966 from assetnote modified for parallel and file handling☆11Oct 25, 2023Updated 2 years ago
- A Simple PoC☆22May 24, 2024Updated last year
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 2 months ago
- Use hardware breakpoint to dynamically change SSN in run-time☆280Apr 10, 2024Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆73Oct 28, 2023Updated 2 years ago
- ☆210Nov 28, 2023Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆26Jul 26, 2024Updated last year
- Scripts to interact with Microsoft Graph APIs☆45Nov 7, 2024Updated last year
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆130Sep 27, 2023Updated 2 years ago
- ☆84Aug 26, 2024Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆277Apr 17, 2023Updated 2 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Exploitation of echo_driver.sys☆170Sep 16, 2023Updated 2 years ago
- List the ETW provider(s) in the registration table of a process.☆80Sep 20, 2023Updated 2 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- Sleep obfuscation☆270Dec 13, 2024Updated last year
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- A simple website to act as a store for havoc modules and extensions☆29Jan 20, 2025Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆112Mar 25, 2024Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- C or BOF file to extract WebKit master key to decrypt user cookie☆207Apr 29, 2024Updated last year
- Artemis - C++ Hell's Gate Syscall Implementation☆34Aug 16, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆227Dec 3, 2025Updated 3 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated 2 years ago