benheise / ANGRYORCHARD
A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.
☆52 · Sep 20, 2022 · Updated 3 years ago
Alternatives and similar repositories for ANGRYORCHARD
Users that are interested in ANGRYORCHARD are comparing it to the libraries listed below
- Red-Teaming TempleOS. ☆18 · Jul 29, 2022 · Updated 3 years ago
- Finding Truth in the Shadows ☆120 · Jan 26, 2023 · Updated 3 years ago
- This tool is useful in case you want to evade the detection based on simple rules when trying to dump the SAM, SYSTEM or SECURITY hives u… ☆10 · Aug 31, 2022 · Updated 3 years ago
- Enumerate Callbacks and all Object Types ☆16 · Jan 9, 2023 · Updated 3 years ago
- ☆17 · Dec 18, 2020 · Updated 5 years ago
- ☆19 · Oct 12, 2024 · Updated last year
- Rust Implementation of SharpDllProxy for DLL Proxying Technique ☆29 · Oct 27, 2022 · Updated 3 years ago
- Tool for pivoting over SMB pipes ☆16 · Jul 20, 2019 · Updated 6 years ago
- Using fibers to run in-memory code. ☆240 · Oct 19, 2023 · Updated 2 years ago
- Hijack Printconfig.dll to execute shellcode ☆100 · Jan 15, 2021 · Updated 5 years ago
- LPE exploit for CVE-2023-36802 ☆24 · Oct 10, 2023 · Updated 2 years ago
- Event Masker is a Splunk streaming command to mask event from search based on a list of rules that contain conditions. ☆16 · Oct 11, 2022 · Updated 3 years ago
- Dynamically resolve API function addresses at runtime in a secure manner. ☆72 · Nov 11, 2025 · Updated 3 months ago
- ☆563 · Feb 22, 2024 · Updated last year
- Static library and headers for linking your software with ntdll.dll ☆38 · Dec 16, 2019 · Updated 6 years ago
- BasicLDR: A Reflective DLL Loader ☆14 · Jun 11, 2024 · Updated last year
- ☆192 · Jul 29, 2024 · Updated last year
- Select any exported function in a dll as the new dll's entry point. ☆82 · Oct 25, 2024 · Updated last year
- ☆23 · Oct 15, 2024 · Updated last year
- ☆23 · May 8, 2023 · Updated 2 years ago
- BOF combination of KillDefender and Backstab ☆170 · Mar 23, 2023 · Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆243 · Sep 26, 2023 · Updated 2 years ago
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR. ☆41 · Dec 31, 2020 · Updated 5 years ago
- Recursive and arbitrary code execution at kernel-level without a system thread creation ☆159 · Apr 13, 2023 · Updated 2 years ago
- ☆35 · Nov 4, 2017 · Updated 8 years ago
- Just another casual shellcode native loader ☆25 · Feb 3, 2022 · Updated 4 years ago
- ☆65 · Jan 2, 2024 · Updated 2 years ago
- Unauthenticated start EFS service on remote Windows host (make PetitPotam great again) ☆129 · Oct 23, 2025 · Updated 3 months ago
- GhostLoader - AppDomainManager - Injection - 攻壳机动队 ☆53 · May 21, 2020 · Updated 5 years ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆46 · Jul 16, 2023 · Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts ☆23 · Sep 15, 2023 · Updated 2 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau. ☆24 · Jul 5, 2023 · Updated 2 years ago
- ☆22 · Jul 29, 2021 · Updated 4 years ago
- JustGetDA, a cheat sheet which will aid you through internal network & red team engagements. ☆13 · Jul 24, 2023 · Updated 2 years ago
- Windows Protected Process Light toggle tool — dynamically finds offsets and patches EPROCESS using RTCore64 ☆66 · May 2, 2025 · Updated 9 months ago
- NTAPI hook bypass with (semi) legit stack trace ☆18 · May 9, 2023 · Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls… ☆136 · Mar 3, 2025 · Updated 11 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial … ☆50 · Jan 25, 2025 · Updated last year
- ZeroImport is a lightweight and easy to use C++ library for Windows Kernel Drivers. It allows you to hide any import in your kernel drive… ☆50 · Mar 22, 2023 · Updated 2 years ago