UmaRex01 / Hit-And-RunLinks
A method to execute syscalls while bypassing EDR's function hooking and call stack analysis.
☆14Updated 2 months ago
Alternatives and similar repositories for Hit-And-Run
Users that are interested in Hit-And-Run are comparing it to the libraries listed below
Sorting:
- shellcode生成框架☆87Updated 11 months ago
- Beacon compiled using clang☆69Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- An implementation of an indirect system call☆129Updated last year
- Simulate per-process disconnection in red team environments☆43Updated 2 weeks ago
- It stinks☆102Updated 3 years ago
- more conveniently Visual-Studio-BOF-template☆65Updated last year
- Self Cleanup in post-ex job☆56Updated 9 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆49Updated 2 years ago
- ☆47Updated last year
- ☆31Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆53Updated last year
- Silently Install Chrome Extension For Persistence☆73Updated 11 months ago
- Evasive loader to bypass static detection☆58Updated last year
- 自定义函数堆栈,从而绕过ETW检测,这个是完整版。☆14Updated last year
- Dumping App Bound Protected Credentials & Cookies Without Privileges.☆54Updated 3 weeks ago
- Use COM Component Bypass UAC,Dll Version☆35Updated 4 years ago
- ☆40Updated last year
- find dll base addresses without PEB WALK☆93Updated last month
- A Simple PoC☆21Updated last year
- ☆26Updated last year
- A basic C2 framework written in C☆60Updated 11 months ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆56Updated this week
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆72Updated last year
- ☆15Updated 11 months ago
- Help red teams find opsec processes during engagements☆41Updated 6 months ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆43Updated 3 years ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆52Updated last week
- Load static-compiled PE from remote server.☆62Updated 3 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆51Updated 4 months ago