TunnelGRE / ProcessInjection-GO
Shellcode encryption in RC4 and process injection into explorer.exe.
☆38Updated last year
Alternatives and similar repositories for ProcessInjection-GO:
Users that are interested in ProcessInjection-GO are comparing it to the libraries listed below
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- A Cobalt Strike memory evasion loader for redteamers☆99Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆84Updated 2 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆63Updated 2 years ago
- Winsocket for Cobalt Strike.☆98Updated last year
- Simple LSASS Dumper created using C++ as an alternative to using Mimikatz memory dumper☆54Updated last year
- Execute shellcode via Bluetooth device authentication☆38Updated 2 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆119Updated 2 years ago
- A basic C2 framework written in C☆61Updated 9 months ago
- ☆36Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆53Updated 10 months ago
- Sleep Obfuscation☆45Updated 2 years ago
- ProcExp Driver (Ab)use☆21Updated 2 years ago
- ☆77Updated last year
- A spin-off research project. Cobalt Strike x Notion collab 2022☆53Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆62Updated last year
- Use CMSTP.exe to bypass UAC.☆43Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆73Updated 5 months ago
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆85Updated 2 years ago
- Flexible C# shellcode runner☆39Updated 3 years ago
- frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …☆51Updated 2 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆51Updated 3 years ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆76Updated 2 years ago
- ☆82Updated last year
- Evasive loader to bypass static detection☆58Updated last year
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆83Updated 2 years ago
- C# implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆150Updated 3 years ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆58Updated last year