Remote DLL Injection with Timer-based Shellcode Execution
☆154Jul 18, 2025Updated 8 months ago
Alternatives and similar repositories for Remote-DLL-Injection-with-Timer-based-Shellcode-Execution
Users that are interested in Remote-DLL-Injection-with-Timer-based-Shellcode-Execution are comparing it to the libraries listed below
Sorting:
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆72Dec 26, 2025Updated 2 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆271Jun 18, 2025Updated 9 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to…☆45Jun 1, 2025Updated 9 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 8 months ago
- ☆164May 5, 2025Updated 10 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆211Aug 21, 2025Updated 6 months ago
- Repository for the DEF CON 33 talk: Kill Chain Reloaded☆80Aug 3, 2025Updated 7 months ago
- Blog/Journal on how to backdoor VSCode extensions☆78Feb 24, 2026Updated 3 weeks ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- ☆48Dec 5, 2025Updated 3 months ago
- Weaponize DLL hijacking easily. Backdoor any function in any DLL.☆724Aug 26, 2025Updated 6 months ago
- Decrypt SCCM and DPAPI secrets with Powershell.☆45Jun 24, 2025Updated 8 months ago
- BOF to run PE in Cobalt Strike Beacon without console creation☆187Nov 23, 2025Updated 3 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆224Jun 4, 2025Updated 9 months ago
- (MeetC2 a.k.a Meeting C2) - A framework abusing Google Calendar APIs.☆132Sep 4, 2025Updated 6 months ago
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆53Sep 13, 2025Updated 6 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆438Jun 27, 2025Updated 8 months ago
- Convert your shellcode into an ASCII string☆127Jun 27, 2025Updated 8 months ago
- BeaconatorC2 is a framework for red teaming and adversarial emulation, providing a full-featured management interface, along with a catal…☆92Jan 14, 2026Updated 2 months ago
- Fairy Law - Compromise or disable EDR security solutions☆68Dec 1, 2025Updated 3 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆264Sep 23, 2025Updated 5 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆335Mar 6, 2025Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆174Sep 3, 2025Updated 6 months ago
- General Purpose OpSec Server☆112Updated this week
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 3 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆55May 12, 2025Updated 10 months ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆541May 9, 2025Updated 10 months ago
- A Reflective Loader for macOS☆148Jul 20, 2025Updated 7 months ago
- Windows remote execution multitool☆785Mar 10, 2026Updated last week
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- AppLocker-Based EDR Neutralization☆325Dec 19, 2025Updated 3 months ago
- Swiss Army Knife for payload encryption, obfuscation, and conversion to byte arrays – all in a single command (14 output formats supporte…☆212Mar 7, 2026Updated last week
- AutoRMM is a collection of scripts and instructions we are organizing, to test delivery mechanisms for RMM and screen sharing tools, alo…☆92Aug 3, 2025Updated 7 months ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 10 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆46Feb 24, 2026Updated 3 weeks ago
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year