Whitecat18 / earlycascade-injectionLinks
Early cascade injection PoC based on Outflanks blog post written in Rust
☆53Updated 4 months ago
Alternatives and similar repositories for earlycascade-injection
Users that are interested in earlycascade-injection are comparing it to the libraries listed below
Sorting:
- ☆55Updated 7 months ago
- POC of GITHUB simple C2 in rust☆53Updated 4 months ago
- Section-based payload obfuscation technique for x64☆59Updated 9 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆75Updated 3 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆39Updated 3 weeks ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated 10 months ago
- Situational Awareness script to identify how and where to run implants☆50Updated 5 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆70Updated last year
- Impersonate Tokens using only NTAPI functions☆73Updated 2 months ago
- remote process injections using pool party techniques☆60Updated 3 months ago
- Utilizng an MCP Server to communicate with your C2☆64Updated 3 weeks ago
- in-process powershell runner for BRC4☆45Updated last year
- Tool to aid in dumping LSASS process remotely☆39Updated 10 months ago
- BOF for C2 framework☆41Updated 6 months ago
- ☆52Updated 5 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 9 months ago
- Windows Thread Pool Injection Havoc Implementation☆29Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- Some of the presentations, workshops, and labs I gave at public conferences.☆33Updated 3 weeks ago
- ☆56Updated 6 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 4 months ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆37Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆49Updated last month
- Construct the payload at runtime using an array of offsets☆63Updated 11 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆82Updated 7 months ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆53Updated 5 months ago
- Beacon Object Files (BOF) for Cobalt Strike.☆31Updated 9 months ago
- ☆40Updated this week
- ☆29Updated last year
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆38Updated 5 months ago