ShorSec / DllNotificationInjection
A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and remote processes.
☆21Updated last year
Alternatives and similar repositories for DllNotificationInjection:
Users that are interested in DllNotificationInjection are comparing it to the libraries listed below
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆22Updated last year
- ☆36Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆43Updated last year
- ProcExp Driver (Ab)use☆21Updated 2 years ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆19Updated 5 months ago
- ☆29Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆18Updated 2 years ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- ☆19Updated 2 weeks ago
- Sleep Obfuscation☆43Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆43Updated last year
- Beacon Object Files (not Buffer Overflows)☆53Updated 2 years ago
- ☆24Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆52Updated last year
- ☆42Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆47Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆34Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆70Updated last year
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆17Updated last year
- A VSCode plugin to assist with BOF development.☆33Updated 7 months ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆33Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 5 months ago
- BypassCredGuard CS BOF☆31Updated last month
- API Hammering with C++20☆45Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆42Updated last year
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆36Updated 11 months ago
- converts sRDI compatible dlls to shellcode☆21Updated last month