Xre0uS / KiDLinks
A malicious keyboard that delivers a multi-staged attack, consisting of a trojan payload which can bypass antivirus, with Windows machines as targets.
☆13Updated 5 months ago
Alternatives and similar repositories for KiD
Users that are interested in KiD are comparing it to the libraries listed below
Sorting:
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆31Updated 2 years ago
- Golang Implementation of Hell's gate☆19Updated 2 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12Updated 2 years ago
- ☆55Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆25Updated 4 months ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component☆11Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆20Updated 2 years ago
- ☆12Updated 2 years ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated last year
- Just another Process Injection using Process Hollowing technique.☆18Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆31Updated last year
- Just another casual shellcode native loader☆24Updated 3 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated 2 years ago
- A simple PE loader.☆26Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆20Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆28Updated 3 years ago
- Find kernel32 base and API addresses. Simple C++ implementation☆24Updated 3 years ago
- ☆19Updated 3 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Hooked create process injection for meterpreter☆23Updated 4 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- A simple rpc2socks alternative in pure Go.☆29Updated last year
- Extension functionality for the NightHawk operator client☆27Updated last year
- A mechanism that trampoline hooks functions in x86/x64 systems.☆22Updated 10 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆38Updated 2 years ago
- Parent Process ID Spoofing, coded in CGo.☆23Updated 4 months ago
- idk man this was the default github name☆35Updated 2 years ago