bananabr / Givemeahand
A PoC tool for exploiting leaked process and thread handles
☆30Updated 7 months ago
Related projects: ⓘ
- ☆26Updated 2 years ago
- ☆58Updated this week
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 2 years ago
- ☆48Updated last year
- ☆58Updated 2 years ago
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines☆41Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆52Updated last year
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆23Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆24Updated 8 months ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆20Updated 2 years ago
- ☆26Updated 2 months ago
- ☆54Updated 2 years ago
- ☆14Updated 2 years ago
- Dangling COM Keys Finder☆14Updated 2 years ago
- ☆29Updated this week
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆29Updated 2 years ago
- Enabled / Disable LSA Protection via BYOVD☆61Updated 2 years ago
- ☆23Updated 4 months ago
- RunPE using Hell's Gate technique.☆30Updated 3 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆32Updated 3 years ago
- Artemis - C++ Hell's Gate Syscall Implementation☆31Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆34Updated 9 months ago
- ☆14Updated this week
- ☆16Updated this week
- Example for PagedOut!☆24Updated 4 years ago
- A (quite) simple steganography algorithm to hide shellcodes within bitmap image.☆19Updated 4 months ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- ☆23Updated this week