freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package
☆35Mar 28, 2023Updated 2 years ago
Alternatives and similar repositories for freeMetsrvLoader
Users that are interested in freeMetsrvLoader are comparing it to the libraries listed below
Sorting:
- ☆25Apr 28, 2024Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Duplicate not owned Token from Running Process☆74Jul 21, 2023Updated 2 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Mar 23, 2023Updated 2 years ago
- REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs…☆163Feb 22, 2024Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆155Jan 21, 2023Updated 3 years ago
- ☆47Feb 11, 2023Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- Bash tool used for proactive detection of malicious activity on macOS systems.☆39Sep 29, 2025Updated 5 months ago
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 2 years ago
- Select any exported function in a dll as the new dll's entry point.☆81Oct 25, 2024Updated last year
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated last year
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 2 years ago
- Native Syscalls Shellcode Injector☆267Jul 2, 2023Updated 2 years ago
- A small script to resolve domains to Azure AD tenants (and OAuth login portals)☆29Jun 26, 2023Updated 2 years ago
- ☆75Feb 4, 2024Updated 2 years ago
- Dropping a powershell script at %HOMEPATH%\Documents\WindowsPowershell\ , that contains the implant's path , and whenever powershell pro…☆85Aug 2, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- I have documented all of the AMSI patches that I learned till now☆73Nov 4, 2025Updated 4 months ago
- PoC-Malware-TTPs☆48Mar 26, 2023Updated 2 years ago
- A Ruby micro-framework for writing and running exploit payloads☆23Jan 16, 2026Updated last month
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- powershell script i wrote that can suspend an arbitrary process (with limits)☆22Mar 26, 2023Updated 2 years ago
- Registry hive parsing the async way☆25Oct 29, 2025Updated 4 months ago
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- RegStrike is a .reg payload generator☆58Sep 19, 2023Updated 2 years ago
- ☆16Oct 18, 2024Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp…☆438Aug 2, 2023Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago