b1-team / phantom
A memory-based evasion technique which makes shellcode invisible from process start to end.
☆14Updated last year
Related projects ⓘ
Alternatives and complementary repositories for phantom
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆43Updated last year
- A nim implementation of sRDI☆16Updated last year
- BOF/COFF obj file to PIC(shellcode). by golang☆36Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆41Updated last year
- DLL Unhooking☆12Updated 3 years ago
- Preventing 3rd Party DLLs from Injecting into your Malware☆24Updated 3 years ago
- ☆39Updated last year
- A Simple PoC☆19Updated 5 months ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆32Updated last year
- ☆27Updated last year
- Using fibers to execute shellcode in a local process via csharp☆28Updated 2 years ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆28Updated 4 months ago
- ☆38Updated last year
- x64 version☆30Updated 3 years ago
- ELF Beacon Object File (BOF) Template☆43Updated this week
- Fork & modify of Wireguard's Memmod☆31Updated last year
- Beacon Object Files.☆31Updated 8 months ago
- Beacon Debugger☆35Updated 3 weeks ago
- A Cobalt Strike memory evasion loader for redteamers☆95Updated last year
- Reflective DLL injection Execution☆19Updated 2 years ago
- ComObject Shellcode Loader with fake return address☆12Updated 2 years ago
- Cs-Sleep-Mask-Fiber☆16Updated 2 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆23Updated 2 months ago
- dump lsass tool☆39Updated 2 years ago
- This project is created for research into antivirus evasion by unhooking.☆15Updated 3 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Updated 3 years ago
- old postex for grabbing a krbtgs for my current user☆28Updated last year
- ☆12Updated last year
- A simple hidden vnc.☆32Updated 3 years ago