Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.
☆53Oct 2, 2025Updated 8 months ago
Alternatives and similar repositories for CobaltStrike-YARA-Bypass-f0b627fc
Users that are interested in CobaltStrike-YARA-Bypass-f0b627fc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- 获取chrome 浏览器记录☆43Sep 6, 2025Updated 9 months ago
- 集权利用工具☆167Feb 28, 2025Updated last year
- BypassCredGuard CS BOF☆54Jan 23, 2025Updated last year
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 3 years ago
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 7 months ago
- 重构Beacon☆166Aug 19, 2024Updated last year
- AddDefenderExclusions Beacon Object File☆42Jun 25, 2023Updated 2 years ago
- ☆29May 10, 2024Updated 2 years ago
- Cobalt Strike BOF for evasive .NET assembly execution☆320Mar 31, 2025Updated last year
- 利用NTLM Hash读取Exchange邮件☆59May 13, 2023Updated 3 years ago
- This is a third party agent for Havoc C2 written in golang.☆59Jan 16, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆100Sep 1, 2024Updated last year
- EventViewer Bypass Uac Bof☆23Jul 23, 2022Updated 3 years ago
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile.☆524Updated this week
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆28Jun 13, 2024Updated 2 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆164Oct 27, 2024Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆101Mar 20, 2023Updated 3 years ago
- Beacon Object File to delete token privileges and lower the integrity level to untrusted for a specified process☆46Jun 15, 2022Updated 4 years ago
- Take a screenshot without injection for Cobalt Strike☆205Jun 7, 2023Updated 3 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆42Jul 10, 2023Updated 2 years ago
- PHP文件上传50+绕过手法全景解析☆18Mar 16, 2025Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- Dump document encryption password from Office process memory☆40Mar 27, 2023Updated 3 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆29Jan 4, 2024Updated 2 years ago
- A Windows 11 Rootkit. (Exploit has been patched)☆16Sep 7, 2025Updated 9 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated last year
- Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术,不使用API进行主线程劫持,不使用PEB…☆93Jul 26, 2025Updated 10 months ago
- Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege☆227Nov 23, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆54May 31, 2025Updated last year
- Evasive shellcode loader☆398Oct 17, 2024Updated last year
- 快速Go建你的免杀项目☆26Sep 20, 2024Updated last year
- .NET Assembly that creates network shares,sets ACE entries for directories, sets share perms, and deletes shares. Learning project for C#☆10Oct 14, 2024Updated last year
- A Go implementation of Cobalt Strike style BOF/COFF loaders.☆271Feb 22, 2025Updated last year
- A simple Meterpreter stager written in Rust.☆45Nov 2, 2025Updated 7 months ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆150Mar 13, 2022Updated 4 years ago