Stuuxx / awesome-persistence
Persistence techniques for Windows.
☆19 Updated 2 years ago
Alternatives and similar repositories for awesome-persistence
Users that are interested in awesome-persistence are comparing it to the libraries listed below
- A payload delivery system which embeds payloads in an executable's icon file! ☆74 Updated last year
- Tool for obtaining information about PPL processes ☆16 Updated last year
- idk man this was the default github name ☆35 Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package ☆35 Updated 2 years ago
- EvtPsst ☆55 Updated 2 years ago
- API Hammering with C++20 ☆49 Updated 3 years ago
- ☆61 Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods. ☆36 Updated 3 years ago
- A utility that can be used to launch an executable with a DLL injected ☆19 Updated 2 years ago
- Python3 tool to perform password spraying using RDP ☆16 Updated 2 years ago
- malleable profile generator GUI for Havoc ☆55 Updated 2 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique. ☆69 Updated 3 years ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption. ☆17 Updated 2 years ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust. ☆11 Updated 3 years ago
- ☆30 Updated 4 months ago
- ☆59 Updated last year
- DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable ☆58 Updated 2 years ago
- ☆38 Updated 2 years ago
- Extension functionality for the NightHawk operator client ☆26 Updated 2 years ago
- One Click Tool to Scan All the Enabled Protection of current Windows NT Kernel ☆43 Updated 2 years ago
- Demoting PPL anti-malware services to less than a guest user ☆65 Updated 11 months ago
- powershell script i wrote that can suspend an arbitrary process (with limits) ☆22 Updated 2 years ago
- ☆18 Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004 ☆35 Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆55 Updated 2 years ago
- A Large Action Model designed to operate on MacOS or Windows which interacts with common C2 interfaces such as Cobalt Strike, Havoc, or B… ☆26 Updated last year
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an… ☆33 Updated 2 years ago
- Collection of Rust repos useful for Red Teamers. ☆34 Updated 3 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i… ☆47 Updated last year
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class ☆27 Updated 2 years ago