Whitecat18 / earlycascade-injectionLinks
Early cascade injection PoC based on Outflanks blog post written in Rust
☆54Updated 4 months ago
Alternatives and similar repositories for earlycascade-injection
Users that are interested in earlycascade-injection are comparing it to the libraries listed below
Sorting:
- ☆55Updated 8 months ago
- Section-based payload obfuscation technique for x64☆61Updated 10 months ago
- POC of GITHUB simple C2 in rust☆53Updated 5 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- Windows Thread Pool Injection Havoc Implementation☆30Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated last year
- Tool to bypass LSA Protection (aka Protected Process Light)☆54Updated 5 months ago
- Construct the payload at runtime using an array of offsets☆63Updated last year
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆43Updated last month
- BOF for C2 framework☆41Updated 7 months ago
- ☆107Updated 4 months ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 6 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Proxy function calls through the thread pool with ease☆28Updated 3 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆30Updated 4 months ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆38Updated 3 months ago
- Convert your shellcode into an ASCII string☆58Updated this week
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- in-process powershell runner for BRC4☆45Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 10 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆61Updated 4 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆44Updated last month
- remote process injections using pool party techniques☆62Updated 4 months ago
- Impersonate Tokens using only NTAPI functions☆75Updated 2 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated last month
- early cascade injection PoC based on Outflanks blog post, in rust☆59Updated 7 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆47Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆82Updated 8 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 5 months ago
- ☆50Updated 3 weeks ago