Tylous / MangleLinks
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
☆89Updated 2 years ago
Alternatives and similar repositories for Mangle
Users that are interested in Mangle are comparing it to the libraries listed below
Sorting:
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆172Updated 6 months ago
- ☆170Updated last year
- Shaco is a linux agent for havoc☆166Updated last year
- Havoc C2 profile generator☆96Updated 2 months ago
- C or BOF file to extract WebKit master key to decrypt user cookie☆205Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆279Updated 2 years ago
- Port of Cobalt Strike's Process Inject Kit☆185Updated 9 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 9 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆253Updated 2 years ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆196Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆148Updated 2 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆315Updated 2 years ago
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆160Updated last year
- A Mythic agent for Windows written in C☆136Updated 2 weeks ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆114Updated 2 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆171Updated 5 months ago
- An App Domain Manager Injection DLL PoC on steroids☆180Updated last year
- Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.☆121Updated 3 years ago
- Weaponizing DCOM for NTLM Authentication Coercions☆163Updated 2 months ago
- 「💀」Proof of concept on BYOVD attack☆163Updated 9 months ago
- TeamServer and Client of Exploration Command and Control Framework☆157Updated this week
- Extracting NetNTLM without touching lsass.exe☆239Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆353Updated 2 years ago
- ☆182Updated 3 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆207Updated 11 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- Cobalt Strike BOF for evasive .NET assembly execution☆272Updated 5 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆141Updated 5 months ago
- Ghosting-AMSI☆217Updated 5 months ago
- Evasive Golang Loader☆135Updated last year