ZephrFish / HelloJackHunter
Research into WinSxS binaries and finding hijackable paths
☆23Updated 5 months ago
Related projects ⓘ
Alternatives and complementary repositories for HelloJackHunter
- BOF for C2 framework☆40Updated this week
- Dynamically resolve API function addresses at runtime in a secure manner.☆44Updated last month
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- ☆103Updated 6 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆70Updated 3 weeks ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆42Updated this week
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆54Updated 7 months ago
- ☆27Updated 5 months ago
- ☆88Updated 2 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆30Updated last year
- Using LNK files and user input simulation to start processes under explorer.exe☆23Updated last month
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆34Updated 2 months ago
- DFSCoerce exe revisited version with custom authentication☆35Updated 10 months ago
- ☆20Updated 2 months ago
- ☆95Updated last year
- ☆35Updated 3 weeks ago
- Threadless shellcode injection tool☆59Updated 3 months ago
- convert compatible dlls to shellcode with sRDI. I don't remember where this came from, so if you recognize the code, let me know and I'll…☆12Updated 6 months ago
- ☆27Updated 2 months ago
- Host CLR and run .NET binaries using Rust☆58Updated last week
- Beacon Object Files (BOF) for Cobalt Strike.☆28Updated 2 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 9 months ago
- BYOVD collection