Remote DLL Injection with Timer-based Shellcode Execution
☆154Jul 18, 2025Updated 7 months ago
Alternatives and similar repositories for Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
Users that are interested in Remote-DLL-Injection-with-Timer-based-Shellcode-Execution are comparing it to the libraries listed below
Sorting:
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆270Jun 18, 2025Updated 8 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 6 months ago
- Decrypt SCCM and DPAPI secrets with Powershell.☆45Jun 24, 2025Updated 8 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆70Dec 26, 2025Updated 2 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated last month
- ☆159May 5, 2025Updated 9 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆210Aug 21, 2025Updated 6 months ago
- Blog/Journal on how to backdoor VSCode extensions☆76Updated this week
- Repository for the DEF CON 33 talk: Kill Chain Reloaded☆79Aug 3, 2025Updated 6 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- Weaponize DLL hijacking easily. Backdoor any function in any DLL.☆714Aug 26, 2025Updated 6 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆436Jun 27, 2025Updated 8 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 5 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- BOF to run PE in Cobalt Strike Beacon without console creation☆186Nov 23, 2025Updated 3 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆281Apr 6, 2025Updated 10 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 5 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆211Sep 20, 2025Updated 5 months ago
- Clipboard for Command and Control between VDI, RDP and Others on Windows☆50Dec 7, 2025Updated 2 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆221Jun 4, 2025Updated 8 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆264Sep 23, 2025Updated 5 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to…☆45Jun 1, 2025Updated 8 months ago
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆92Aug 3, 2025Updated 6 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆537May 9, 2025Updated 9 months ago
- Windows remote execution multitool☆781Oct 1, 2025Updated 4 months ago
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 8 months ago
- Lateral movement with DCOM DLL hijacking☆177Jul 4, 2025Updated 7 months ago
- This comprehensive process injection series is crafted for cybersecurity enthusiasts, researchers, and professionals who aim to stay at t…☆436May 22, 2025Updated 9 months ago
- A Reflective Loader for macOS☆147Jul 20, 2025Updated 7 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- SVG Analysis and generation tools for commonly seen SVG attachment phishing☆55Sep 24, 2025Updated 5 months ago
- AppLocker-Based EDR Neutralization☆321Dec 19, 2025Updated 2 months ago
- Evasive Payload Delivery Server & C2 Redirector☆112Nov 3, 2025Updated 3 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 9 months ago
- Modern PIC implant for Windows (64 & 32 bit)☆106Jul 23, 2025Updated 7 months ago
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year
- Fairy Law - Compromise or disable EDR security solutions☆68Dec 1, 2025Updated 2 months ago