b1-team / superman
🤖 Kill The Protected Process 🤖
☆436Updated 8 months ago
Alternatives and similar repositories for superman:
Users that are interested in superman are comparing it to the libraries listed below
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆713Updated last year
- 免杀学习笔记☆217Updated last year
- windows-rs shellcode loaders☆332Updated 7 months ago
- 🎃 PumpBin is an Implant Generation Platform.☆297Updated 7 months ago
- CPP AV/EDR Killer☆375Updated last year
- not a reverse-engineered version of the Cobalt Strike Beacon☆347Updated 10 months ago
- New generation of wmiexec.py☆1,052Updated 2 months ago
- A command and control framework written in rust.☆304Updated last month
- link is a command and control framework written in rust☆571Updated 3 years ago
- Remove AV/EDR Kernel ObRegisterCallbacks、CmRegisterCallback、MiniFilter Callback、PsSetCreateProcessNotifyRoutine Callback、PsSetCreateThrea…☆999Updated 8 months ago
- Nimbo-C2 is yet another (simple and lightweight) C2 framework☆371Updated 4 months ago
- Loading BOF & ShellCode without executable permission memory.☆395Updated 3 months ago
- Open repository for learning dynamic shellcode loading (sample in many programming languages)☆237Updated 3 weeks ago
- kill anti-malware protected processes ( BYOVD) ( Microsoft Won)☆920Updated last year
- HVNC for Cobalt Strike☆1,190Updated last year
- Windows Token Stealing Expert☆463Updated last year
- RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.☆1,438Updated 6 months ago
- PrintNotifyPotato☆513Updated 2 years ago
- darkPulse是一个用go编写的shellcode Packer,用于生成各种各样的shellcode loader,免杀火绒,360核晶等国内常见杀软。☆825Updated 4 months ago
- Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.☆285Updated 10 months ago
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆452Updated 5 months ago
- C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can…☆510Updated 3 years ago
- An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot downloaded in memor…☆396Updated last week
- Local privilege escalation via PetitPotam (Abusing impersonate privileges).☆424Updated last year
- ☆324Updated 8 months ago
- CrossC2 developed based on the Cobalt Strike framework can be used for other cross-platform system control. CrossC2Kit provides some inte…☆213Updated last year
- Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)☆523Updated last year
- A Command and Control (C2)☆298Updated last year
- Abuse Impersonate Privilege from Service to SYSTEM like other potatoes do☆370Updated 2 years ago
- Some Service DCOM Object and SeImpersonatePrivilege abuse.☆354Updated 2 years ago