Teach2Breach / devLinks
maldev obviously
☆26Updated last month
Alternatives and similar repositories for dev
Users that are interested in dev are comparing it to the libraries listed below
Sorting:
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆26Updated 2 years ago
- ☆59Updated 3 years ago
- A care package of useful bofs for red team engagments☆55Updated 6 months ago
- Python module for running BOFs☆70Updated last year
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- Generate droppers with encrypted payloads automatically.☆54Updated 3 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- ☆48Updated 2 years ago
- .NET project for installing Persistence☆64Updated 3 years ago
- Bunch of BOF files☆32Updated 6 months ago
- ☆38Updated 3 years ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated last year
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆22Updated 2 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆61Updated 2 years ago
- in-process powershell runner for BRC4☆45Updated last year
- A method to execute shellcode using RegisterWaitForInputIdle API.☆54Updated 2 years ago
- Similar to Petitpotam, the netdfs service is enabled in Windows Server and AD environments, and the abused RPC method allows privileged p…☆49Updated 3 years ago
- WhoAmI by asking the LDAP service on a domain controller.☆62Updated 3 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆29Updated 3 years ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队☆54Updated 5 years ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆23Updated last year
- A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.☆39Updated 2 years ago
- ☆48Updated 2 years ago
- ☆26Updated 4 years ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated last month
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆40Updated 4 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- A BOF to interact with COM objects associated with the Windows software firewall.☆103Updated 3 years ago