b1-team / superman
🤖 Kill The Protected Process 🤖
☆437 Updated 10 months ago
Alternatives and similar repositories for superman:
Users that are interested in superman are comparing it to the libraries listed below
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST ☆716 Updated last year
- AV evasion study notes ☆221 Updated last year
- not a reverse-engineered version of the Cobalt Strike Beacon ☆355 Updated last year
- windows-rs shellcode loaders ☆350 Updated 9 months ago
- CPP AV/EDR Killer ☆403 Updated last year
- Open repository for learning dynamic shellcode loading (sample in many programming languages) ☆243 Updated 2 months ago
- HVNC for Cobalt Strike ☆1,210 Updated last year
- Loading BOF & ShellCode without executable permission memory. ☆429 Updated 5 months ago
- New generation of wmiexec.py ☆1,065 Updated 4 months ago
- ☆507 Updated this week
- 🎃 PumpBin is an Implant Generation Platform. ☆306 Updated 9 months ago
- kill anti-malware protected processes (BYOVD) (Microsoft Won) ☆935 Updated last year
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled. ☆291 Updated last year
- Windows Token Stealing Expert ☆467 Updated last year
- A tool for creating hidden accounts using the registry ☆467 Updated 2 years ago
- Red Team C2 Framework with AV/EDR bypass capabilities. ☆386 Updated this week
- link is a command and control framework written in rust ☆575 Updated 3 years ago
- Shellcode loader generator with multiple features ☆475 Updated 3 months ago
- ☆248 Updated 8 months ago
- Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :) ☆525 Updated last year
- PoC for the Untrusted Pointer Dereference in the ks.sys driver ☆278 Updated 4 months ago
- PrintNotifyPotato ☆517 Updated 2 years ago
- Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver ☆267 Updated 3 weeks ago
- A tool for manually or automatically patching shellcode into a binary file in order to bypass AV. ☆472 Updated 7 months ago
- Local privilege escalation via PetitPotam (Abusing impersonate privileges). ☆429 Updated 2 years ago
- UAC Bypass By Abusing Kerberos Tickets ☆496 Updated last year
- Go shellcode loader that combines multiple evasion techniques ☆363 Updated last year
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor… ☆409 Updated last week
- CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some inte… ☆218 Updated last year
- DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYS… ☆381 Updated 8 months ago