b1-team / phantomLinks
A memory-based evasion technique which makes shellcode invisible from process start to end.
☆16Updated last year
Alternatives and similar repositories for phantom
Users that are interested in phantom are comparing it to the libraries listed below
Sorting:
- BOF/COFF obj file to PIC(shellcode). by golang☆39Updated 2 years ago
- A Simple PoC☆21Updated last year
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆44Updated 2 years ago
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆24Updated 11 months ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Updated 2 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆32Updated 2 months ago
- BypassCredGuard CS BOF☆39Updated 4 months ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆34Updated 3 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆25Updated 3 years ago
- replace the shellcode chatacters so that reduce the entropy☆17Updated last year
- DLL Unhooking☆12Updated 4 years ago
- ☆15Updated 2 years ago
- A nim implementation of sRDI☆18Updated last year
- Reflective DLL injection Execution☆19Updated 2 years ago
- A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.☆19Updated 3 years ago
- Fork & modify of Wireguard's Memmod☆32Updated last year
- x64 version