aahmad097 / Test004Links
Persistence via Shell Extensions
☆62Updated 2 years ago
Alternatives and similar repositories for Test004
Users that are interested in Test004 are comparing it to the libraries listed below
Sorting:
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆72Updated 3 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆44Updated 2 years ago
- ☆56Updated 2 years ago
- Repo that holds random POCs☆51Updated last year
- Sleep Obfuscation☆45Updated 3 years ago
- Sliver agent rewritten in C++☆48Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆63Updated 2 years ago
- ☆56Updated last year
- ☆50Updated 3 years ago
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an…☆33Updated 2 years ago
- ☆57Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆61Updated last year
- ☆39Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated 7 months ago
- BYOVD collection☆23Updated last year
- x64 version☆36Updated 4 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Updated last year
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- ☆37Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Updated 3 years ago
- ☆72Updated last year
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆64Updated 2 years ago
- Remotely dump NT hashes through Windows Crash dumps☆36Updated 11 months ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- A simple ExternalC2 POC for Havoc C2. Communicates over Notion using a custom python agent, handler and extc2 channel. Not operationally …☆89Updated 3 years ago