SolomonSklash / SyscallPOC
Shellcode injection POC using syscalls.
☆115Updated 4 years ago
Alternatives and similar repositories for SyscallPOC:
Users that are interested in SyscallPOC are comparing it to the libraries listed below
- My CobaltStrike BOFS☆162Updated 2 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆113Updated 4 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆122Updated 2 years ago
- Yet another LSASS dumper☆76Updated 4 years ago
- my learning case about windows☆21Updated 3 years ago
- Pass the Hash to a named pipe for token Impersonation☆141Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆169Updated 2 years ago
- Simple windows rpc server for research purposes only☆82Updated 2 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆151Updated 4 years ago
- A Cobalt Strike Aggressor script to generate GadgetToJScript payloads☆99Updated 4 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.☆174Updated 4 years ago
- Collect & Optimize awesome CobaltStrike aggressor scripts, hope to create a All-In-One framework.☆37Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆139Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆64Updated last year
- Zipper, a CobaltStrike file and folder compression utility.☆216Updated 5 years ago
- signed-loaders documents Windows executables that can be used for side-loading DLLs.☆67Updated 6 years ago
- Injects shellcode into remote processes using direct syscalls☆75Updated 4 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆136Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆149Updated 3 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆185Updated 3 years ago
- ☆112Updated 4 years ago
- Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File☆193Updated 4 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆96Updated 3 years ago
- nuke that event log using some epic dinvoke fu☆117Updated 3 years ago
- Cobalt Strike BOF Files with Nim!☆84Updated 2 years ago
- ☆148Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆278Updated 3 years ago
- Collection of CobaltStrike beacon object files☆102Updated 3 years ago
- C# PoC implementation for bypassing AMSI via in memory patching☆65Updated 4 years ago
- PoC to interact with local/remote registry hives through WMI☆86Updated 4 years ago