Whitecat18 / earlycascade-injectionLinks
Early cascade injection PoC based on Outflanks blog post written in Rust
☆54Updated 6 months ago
Alternatives and similar repositories for earlycascade-injection
Users that are interested in earlycascade-injection are comparing it to the libraries listed below
Sorting:
- ☆57Updated 10 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- POC of GITHUB simple C2 in rust☆52Updated 3 weeks ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆61Updated 6 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆43Updated last year
- Modern PIC implant for Windows (64 & 32 bit)☆102Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 10 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆48Updated 3 months ago
- ☆24Updated 2 weeks ago
- Select any exported function in a dll as the new dll's entry point.☆81Updated 10 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- Section-based payload obfuscation technique for x64☆64Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 7 months ago
- ☆43Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆56Updated 3 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated 3 months ago
- BOF for C2 framework☆42Updated 9 months ago
- Demonstration of Early Bird APC Injection - MITRE ID T1055.004☆33Updated last year
- Convert your shellcode into an ASCII string☆110Updated last month
- remote process injections using pool party techniques☆66Updated last month
- Remote DLL Injection with Timer-based Shellcode Execution☆95Updated last month
- ☆58Updated 9 months ago
- use python on windows with full submodule support without installation☆30Updated 7 months ago
- ☆53Updated 8 months ago
- ☆34Updated 4 months ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆38Updated 5 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Cortex EDR Ransomware protection Bypass☆25Updated 6 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated last year