WafflesExploits / hide-payload-in-images
A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from the image stored in a binary's resources section (.rsrc)
☆117Updated this week
Alternatives and similar repositories for hide-payload-in-images:
Users that are interested in hide-payload-in-images are comparing it to the libraries listed below
- PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges requir…☆143Updated 8 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆157Updated 2 months ago
- ☆164Updated 3 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆158Updated 2 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 8 months ago
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆274Updated 9 months ago
- Python implementation of GhostPack's Seatbelt situational awareness tool☆241Updated 3 months ago
- This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead…☆103Updated 3 weeks ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆150Updated 9 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 6 months ago
- Find potential DLL Sideloads on your windows computer☆175Updated last month
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆188Updated last month
- NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.☆141Updated last month
- Evade EDR's the simple way, by not touching any of the API's they hook.☆84Updated 3 weeks ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆144Updated 9 months ago
- I will be uploading all the codes which I created with the help either opensource projects or blogs. This is a step by step EDR learning …☆269Updated last year
- An offensive postexploitation tool that will give you complete control over the Outlook desktop application and therefore to the emails c…☆163Updated 4 months ago
- A PoC for Early Cascade process injection technique.☆157Updated 3 weeks ago
- Continuous password spraying tool☆128Updated last week
- C# AV/EDR Killer using less-known driver (BYOVD)☆161Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆185Updated 4 months ago
- Stage 0☆153Updated 2 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 4 months ago
- Stuxnet extracted binaries by reversing & Stuxnet Rootkit Analysis☆50Updated 5 months ago
- .NET post-exploitation toolkit for Active Directory reconnaissance and exploitation☆271Updated 3 months ago
- Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operation…☆171Updated 5 months ago
- ☆139Updated 6 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆180Updated last year