Xre0uS / KiD
A malicious keyboard that delivers a multi-staged attack, consisting of a polymorphous trojan payload which can bypass antivirus engines, with Windows machines as targets.
☆10 Updated last year
Related projects:
- Parent Process ID Spoofing, coded in CGo. ☆21 Updated 2 months ago
- Unhook Ntdll.dll, Go & C++. ☆11 Updated 2 months ago
- Using the Recycle Bin to ensure persistence ☆11 Updated 2 years ago
- An issue in AVG AVG Anti-Spyware v.7.5 allows an attacker to execute arbitrary code via a crafted script to the guard.exe component ☆11 Updated last year
- ☆12 Updated 2 years ago
- Another AMSI bypass - but in C++. ☆25 Updated last year
- Extension functionality for the NightHawk operator client ☆26 Updated 10 months ago
- A utility that can be used to launch an executable with a DLL injected ☆19 Updated 10 months ago
- Just another Process Injection using Process Hollowing technique. ☆16 Updated last year
- Using the GPU to hide your payload ☆47 Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆36 Updated 6 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆15 Updated last month
- API Hammering with C++20 ☆34 Updated 2 years ago
- A simple Nim stager (w/ fiber execution) ☆14 Updated 2 years ago
- A simple website to act as a store for Havoc modules and extensions ☆21 Updated 4 months ago
- PowerShell script I wrote that can suspend an arbitrary process (with limits) ☆19 Updated last year
- Firefox webInjector capable of injecting code into webpages using a mitmproxy. ☆39 Updated last year
- A mechanism that trampoline hooks functions in x86/x64 systems. ☆19 Updated 10 months ago
- ☆17 Updated last year
- ☆11 Updated last year
- BadExclusions is a tool to identify custom or undocumented folder exclusions on AV/EDR ☆17 Updated 7 months ago
- A simple PE loader. ☆25 Updated last year
- ☆23 Updated 10 months ago
- A way to extract tickets in case I need to purge and restore tickets on the fly. ☆15 Updated 4 months ago
- ☆13 Updated this week
- ☆22 Updated 3 months ago
- Yet, Another Packer/Loader ☆25 Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆31 Updated last year
- ☆24 Updated 5 months ago