arget13 / DDexec
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
☆820Updated this week
Alternatives and similar repositories for DDexec:
Users that are interested in DDexec are comparing it to the libraries listed below
- Execute ELF files without dropping them on disk☆491Updated 8 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,172Updated last year
- Open-Source Shellcode & PE Packer☆1,925Updated last year
- Template-Driven AV/EDR Evasion Framework☆1,649Updated last year
- Collection of PoC and offensive techniques used by the BlackArrow Red Team☆1,100Updated 8 months ago
- Alternative Shellcode Execution Via Callbacks☆1,533Updated 2 years ago
- ☆1,610Updated 6 months ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,825Updated 11 months ago
- The swiss army knife of LSASS dumping☆1,894Updated 6 months ago
- Repository for information about 0-days exploited in-the-wild.☆781Updated this week
- Sandman is a NTP based backdoor for red team engagements in hardened networks.☆784Updated 11 months ago
- Linux kernel rootkit☆336Updated 3 weeks ago
- Syscall Shellcode Loader (Work in Progress)☆1,167Updated 10 months ago
- Windows Privilege Escalation from User to Domain Admin.☆1,371Updated 2 years ago
- Shikata ga nai (仕方がない) encoder ported into go with several improvements☆1,656Updated last year
- Awesome EDR Bypass Resources For Ethical Hacking☆1,116Updated last month
- A modern 32/64-bit position independent implant template☆1,163Updated last week
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆714Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,429Updated last year
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆954Updated 2 years ago
- ☆748Updated last year
- a tool to help operate in EDRs' blind spots☆722Updated 3 months ago
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,112Updated last year
- Another Windows Local Privilege Escalation from Service Account to System☆837Updated 2 years ago
- Linux PAM Backdoor☆322Updated last year
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆1,921Updated this week
- Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation☆955Updated 2 years ago
- reverse shell using curl☆452Updated 11 months ago
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.☆490Updated 3 months ago
- PoC for CVE-2023-4911☆384Updated last year