TunnelGRE / Percino
Evasive Golang Loader
☆131 Updated 8 months ago
Alternatives and similar repositories for Percino:
Users that are interested in Percino are comparing it to the libraries listed below
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone… ☆196 Updated 5 months ago
- My implementation of the GIUDA project in C++ ☆180 Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing ☆145 Updated 11 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint. ☆221 Updated 2 years ago
- GitHub as C2 Demonstration, free API = free C2 Infrastructure ☆136 Updated last year
- Port of Cobalt Strike's Process Inject Kit ☆171 Updated 4 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener. ☆153 Updated last month
- Execute shellcode files with rundll32 ☆199 Updated last year
- ☆224 Updated 11 months ago
- TeamServer and Client of Exploration Command and Control Framework ☆122 Updated 2 weeks ago
- 「💀」Proof of concept on BYOVD attack ☆157 Updated 4 months ago
- ☆164 Updated 8 months ago
- Extracting NetNTLM without touching lsass.exe ☆234 Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. ☆185 Updated last year
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions ☆300 Updated 4 months ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking ☆226 Updated last year
- ☆200 Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course ☆185 Updated last year
- Patching AmsiOpenSession by forcing an error branching ☆145 Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump ☆147 Updated 6 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W… ☆151 Updated 11 months ago
- ☆152 Updated 8 months ago
- Attempt at Obfuscated version of SharpCollection ☆206 Updated last week
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and … ☆161 Updated 4 months ago
- Stage 0 ☆155 Updated 4 months ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods ☆108 Updated last year
- AV bypass while you sip your Chai! ☆220 Updated 11 months ago
- reflectively load and execute PEs locally and remotely bypassing EDR hooks ☆149 Updated last year
- ☆170 Updated 5 months ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ☆177 Updated last year