arget13 / DDexecLinks
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
☆857Updated 4 months ago
Alternatives and similar repositories for DDexec
Users that are interested in DDexec are comparing it to the libraries listed below
Sorting:
- Execute ELF files without dropping them on disk☆495Updated last year
- Red-Team Linux kernel rootkit☆528Updated this week
- Statically-linked ssh server with reverse shell functionality for CTFs and such☆992Updated 2 years ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,193Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆1,452Updated last year
- Linux PAM Backdoor☆342Updated last year
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams.☆511Updated last month
- Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)☆1,350Updated 5 months ago
- A small reverse shell for Linux & Windows☆610Updated last year
- Collection of PoC and offensive techniques used by the BlackArrow Red Team☆1,133Updated last year
- MD5-Monomorphic Shellcode Packer - all payloads have the same MD5 hash☆791Updated 2 years ago
- A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.☆1,881Updated last year
- Windows Privilege Escalation from User to Domain Admin.☆1,403Updated 2 years ago
- Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.☆1,259Updated last year
- Template-Driven AV/EDR Evasion Framework☆1,711Updated last year
- Open-Source Shellcode & PE Packer☆1,984Updated last year
- Hide your payload in DNS☆613Updated 2 years ago
- DeimosC2 is a Golang command and control framework for post-exploitation.☆1,126Updated 3 months ago
- bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)☆564Updated last year
- A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.☆2,042Updated last month
- Another Windows Local Privilege Escalation from Service Account to System☆877Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form…☆983Updated last year
- Sandman is a NTP based backdoor for hardened networks.☆802Updated last year
- Kernel exploitation technique☆577Updated last year
- mTLS-Encrypted Back-Connect SOCKS5 Proxy☆450Updated last year
- A collection of statically compiled tools like Nmap and Socat.☆451Updated last year
- SSH based reverse shell☆1,177Updated last week
- The swiss army knife of LSASS dumping☆1,977Updated 10 months ago
- ☆1,682Updated 11 months ago
- A light-weight first-stage C2 implant written in Nim (and Rust).☆900Updated 4 months ago