A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++
☆37Jan 10, 2024Updated 2 years ago
Alternatives and similar repositories for API-Hashing
Users that are interested in API-Hashing are comparing it to the libraries listed below
Sorting:
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- A C# tool with more flexibility to customize scheduled task for both persistence and lateral movement in red team operation☆18Dec 18, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆111Jul 15, 2023Updated 2 years ago
- ☆210Nov 28, 2023Updated 2 years ago
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆11Nov 24, 2023Updated 2 years ago
- all random stuff that dont warrant a seperate repo☆12Sep 2, 2022Updated 3 years ago
- Citrix CVE-2023-4966 from assetnote modified for parallel and file handling☆11Oct 25, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 3 years ago
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- Scripts to interact with Microsoft Graph APIs☆44Nov 7, 2024Updated last year
- A Simple PoC☆22May 24, 2024Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆110Mar 25, 2024Updated last year
- Classic Process Injection with Memory Evasion Techniques implemantation☆73Oct 28, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Reflective shellcode runners using obfuscated Win32 APIs in C# and C++ (GetProcAddress & GetModuleHandle). For penetration testing.☆15Jul 17, 2025Updated 7 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆275Apr 17, 2023Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- A small executable to trick a user to authenticate using code matching MFA☆68Oct 6, 2023Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆129Sep 27, 2023Updated 2 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆102Sep 18, 2023Updated 2 years ago
- ☆84Aug 26, 2024Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- Aggressor script add-in for CobaltStrike to track file uploads☆48Nov 7, 2022Updated 3 years ago
- ☆20Mar 21, 2024Updated last year
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 2 months ago