Stuuxx / awesome-persistenceLinks
Persistence techniques for windows.
☆19Updated last year
Alternatives and similar repositories for awesome-persistence
Users that are interested in awesome-persistence are comparing it to the libraries listed below
Sorting:
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.☆10Updated 3 years ago
- Python3 tool to perform password spraying using RDP☆17Updated last year
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- API Hammering with C++20☆46Updated 2 years ago
- Tool for obtaining information about PPL processes☆17Updated last year
- ☆22Updated 2 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- idk man this was the default github name☆35Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- ☆18Updated 7 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- in-process powershell runner for BRC4☆45Updated last year
- Offensive Assembly code snippets.☆12Updated last year
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆12Updated 2 years ago
- Progress of learning kernel development☆14Updated 2 years ago
- example using NtCreateUserProcess in rust☆19Updated 4 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆54Updated 2 years ago
- Remove API hooks from a Beacon process.☆14Updated 3 years ago
- ☆26Updated 3 months ago
- An offensive security framework for writing payloads☆17Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- A pure C version of SymProcAddress☆26Updated last year
- Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions☆14Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated last year
- PoC MSI payload based on ASEC/AhnLab's blog post☆23Updated 2 years ago
- A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.☆21Updated 10 months ago
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆18Updated 2 years ago
- ☆15Updated 2 years ago