audibleblink / xordump
☆18Updated 3 years ago
Alternatives and similar repositories for xordump:
Users that are interested in xordump are comparing it to the libraries listed below
- Ntdll Unhooking POC☆19Updated 2 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Updated 3 years ago
- BOF/COFF obj file to PIC(shellcode). by golang☆37Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆15Updated 3 years ago
- SharpDir is a simple code set to search both local and remote file systems for files and is compatible with Cobalt Strike.☆26Updated 5 years ago
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆39Updated 4 years ago
- Windows Persistence Collection☆12Updated 3 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Updated 2 years ago
- golang implementation of Syswhisper2/Syswhisper3☆23Updated 2 years ago
- x64 version☆30Updated 3 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆12Updated 2 years ago
- Cobalt Strike Get clipboard plugin☆12Updated last year
- Beacon Object Files.☆35Updated last year
- ☆44Updated 2 years ago
- ☆19Updated 3 years ago
- ☆51Updated 5 years ago
- Tool scan EternalBlue by golang☆22Updated 5 years ago
- DPX - the Doge Packer for eXecutables☆27Updated 3 years ago
- Caeser Cipher your shellcode!☆20Updated 3 years ago
- EDR Evasion - Combination of SwampThing - TikiTorch☆24Updated 4 years ago
- Thanks to @d35ha☆13Updated 3 years ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Updated 4 years ago
- Terminate the eventlog thread to disable the windows eventlog☆20Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Updated 3 years ago
- An execute-assembly compatible tool for spraying local admin hashes on an Active Directory domain.☆18Updated 3 years ago
- A simple BOF implementation of klist using Windows API☆30Updated 2 years ago
- HookDetection☆45Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Updated 3 years ago
- ComObject Shellcode Loader with fake return address☆12Updated 3 years ago
- CVE-2019-1040 with Kerberos delegation☆33Updated 3 years ago