ShorSec / DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
☆21Updated last year
Alternatives and similar repositories for DllNotificationInjection:
Users that are interested in DllNotificationInjection are comparing it to the libraries listed below
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆19Updated 5 months ago
- ☆36Updated 2 years ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆43Updated last year
- ☆43Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- Using LNK files and user input simulation to start processes under explorer.exe☆24Updated 5 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆47Updated last year
- ☆28Updated 9 months ago
- converts sRDI compatible dlls to shellcode☆21Updated 2 months ago
- BOF for C2 framework☆39Updated 4 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆22Updated last year
- Execute dotnet app from unmanaged process☆71Updated 2 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆42Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆42Updated last year
- ProcExp Driver (Ab)use☆21Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆70Updated last year
- ☆20Updated 9 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆50Updated 4 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆47Updated last year
- Example of using Sleep to create better named pipes.☆41Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆18Updated 2 years ago
- Sliver agent rewritten in C++☆44Updated 6 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆36Updated 11 months ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year