Depending on the AV/EPP/EDR, creating a Taskschedule job with a default cradle is often flagged.
☆89 · Jul 7, 2022 · Updated 3 years ago
Alternatives and similar repositories for Taskschedule-Persistence-Download-Cradles
Users that are interested in Taskschedule-Persistence-Download-Cradles are comparing it to the libraries listed below.
- These are different types of download cradles which should be an inspiration to play and create new download cradles to bypass AV/EPP/EDR … ☆259 · Jul 7, 2022 · Updated 3 years ago
- This POC provides the possibility to execute x86 shellcode in form of a .bin file based on x86 inline assembly ☆20 · Apr 17, 2023 · Updated 3 years ago
- ☆23 · Mar 9, 2022 · Updated 4 years ago
- C# Utilities for Windows Notification Facility ☆159 · Apr 14, 2025 · Updated last year
- ☆208 · Feb 24, 2022 · Updated 4 years ago
- This POC gives you the possibility to compile a .exe to completely avoid static detection by AV/EPP/EDR of your C2-shellcode and down… ☆258 · May 25, 2023 · Updated 2 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads ☆384 · Apr 16, 2022 · Updated 4 years ago
- Detect strange memory regions and DLLs ☆191 · Jan 20, 2022 · Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER ☆102 · Apr 17, 2022 · Updated 4 years ago
- Process Ghosting in C# ☆219 · Jan 24, 2022 · Updated 4 years ago
- Simple POC of Voice C2 using Speech Recognition ☆13 · Apr 27, 2022 · Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version. ☆116 · Dec 26, 2021 · Updated 4 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting ☆365 · Dec 19, 2022 · Updated 3 years ago
- ☆412 · Dec 14, 2023 · Updated 2 years ago
- It stinks ☆103 · Apr 22, 2022 · Updated 4 years ago
- WMEye is a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement ☆373 · Dec 24, 2021 · Updated 4 years ago
- Various ways to execute shellcode ☆510 · Mar 13, 2024 · Updated 2 years ago
- A simple packer working with all PE files which cipher your exe with a XOR implementation ☆15 · Aug 10, 2020 · Updated 5 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine ☆86 · Jan 6, 2023 · Updated 3 years ago
- Some of my custom "tools". ☆28 · Feb 21, 2022 · Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods ☆14 · Sep 30, 2022 · Updated 3 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code. ☆99 · Mar 27, 2022 · Updated 4 years ago
- Artificially inflate a given binary to exceed common EDR file size limits. Can be used to bypass common EDR. ☆124 · Apr 9, 2022 · Updated 4 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection. ☆10 · Dec 16, 2021 · Updated 4 years ago
- Identify the attack paths in BloodHound breaking your AD tiering ☆327 · Nov 6, 2022 · Updated 3 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules ☆13 · Apr 18, 2023 · Updated 3 years ago
- C# Reflective loader for unmanaged binaries. ☆448 · Jan 25, 2023 · Updated 3 years ago
- ☆224 · Oct 22, 2023 · Updated 2 years ago
- How to spoof the command line when spawning a new process from C#. ☆111 · Dec 28, 2021 · Updated 4 years ago
- Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique ☆337 · Jan 16, 2022 · Updated 4 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. ☆303 · Oct 26, 2022 · Updated 3 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler. ☆56 · Jun 30, 2021 · Updated 4 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject… ☆242 · Jan 4, 2023 · Updated 3 years ago
- Hookers are cooler than patches. ☆170 · Jan 21, 2022 · Updated 4 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/ ☆31 · Feb 26, 2024 · Updated 2 years ago
- ErebusGate for Nim Bypass AV/EDR ☆160 · Nov 7, 2022 · Updated 3 years ago
- ☆780 · Oct 17, 2023 · Updated 2 years ago
- A simple PoC showcasing the ability of an admin to suspend EDR's protected processes, making it useless ☆39 · Jul 12, 2024 · Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! ☆335 · Jul 20, 2024 · Updated last year