Stuuxx / awesome-persistenceLinks
Persistence techniques for windows.
☆19Updated 2 years ago
Alternatives and similar repositories for awesome-persistence
Users that are interested in awesome-persistence are comparing it to the libraries listed below
Sorting:
- Offensive Assembly code snippets.☆12Updated last year
- API Hammering with C++20☆46Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- in-process powershell runner for BRC4☆45Updated last year
- OSED Practice binary☆24Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- Items related to the RedELK workshop given at security conferences☆29Updated last year
- Tartocitron is a repo to have fun with malwares and the Rust language. This repo provides working examples of dropper written in Rust.☆10Updated 3 years ago
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆30Updated 3 weeks ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- ☆18Updated 8 months ago
- ☆18Updated last month
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Updated last year
- A pure C version of SymProcAddress☆27Updated last year
- Unix Process hollowing in rust☆22Updated 6 months ago
- This repo for Windows x32-x64 Kernel/Driver/User Mode Exploitation writeups and exploits☆24Updated last year
- ☆18Updated 5 months ago
- ☆48Updated 2 years ago
- Progress of learning kernel development☆14Updated 2 years ago
- Python3 tool to perform password spraying using RDP☆17Updated last year
- BOF for C2 framework☆41Updated 7 months ago
- idk man this was the default github name☆35Updated 2 years ago
- 「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x☆25Updated 2 months ago
- Extension functionality for the NightHawk operator client☆27Updated last year
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆32Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆54Updated 2 years ago
- Detect userland hooks placed by AV/EDR☆27Updated last year
- Just another Process Injection using Process Hollowing technique.☆17Updated last year
- ☆55Updated 8 months ago
- Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.☆14Updated last year