Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH
☆70Sep 6, 2021Updated 4 years ago
Alternatives and similar repositories for TitanLdr
Users that are interested in TitanLdr are comparing it to the libraries listed below
Sorting:
- Six cases demonstrating methods of optimizing GetProcAddress☆19Jan 3, 2022Updated 4 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- ☆128Jun 28, 2023Updated 2 years ago
- TypeLib persistence technique☆141Oct 22, 2024Updated last year
- ☆75Feb 4, 2024Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,008Jun 4, 2024Updated last year
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 3 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆19Apr 4, 2022Updated 3 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Original hVNC has been recoded to work with all version of windows above XP. Thanks to the original author for this wonderful tool.☆10Oct 13, 2021Updated 4 years ago
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆43Oct 30, 2024Updated last year
- Криптор на шелл-кодах☆11May 3, 2020Updated 5 years ago
- Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.☆151Jul 20, 2022Updated 3 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- WCRT CMake build☆11Mar 26, 2014Updated 11 years ago
- Modifies machine.config for persistence after installing signed .net assembly onto GAC☆13Mar 17, 2022Updated 4 years ago
- ☆17Jun 10, 2025Updated 9 months ago
- bring your own clean ntdll (or other MS dlls)☆29Jul 14, 2025Updated 8 months ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆559Apr 8, 2025Updated 11 months ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- ☆42Feb 18, 2025Updated last year
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆102Jan 7, 2022Updated 4 years ago
- a stage1 DLL loader with sleep obfuscation☆36Dec 27, 2022Updated 3 years ago
- ☆74Jun 17, 2025Updated 9 months ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆116Oct 30, 2025Updated 4 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- For when DLLMain is the only way☆424Oct 29, 2024Updated last year
- XssBot-Модульный резидентный бот с супер админкой☆11Jan 6, 2023Updated 3 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses RegConnectRegistryA + RegOpenKeyExA API to dump registry hives on remote computer☆17Mar 4, 2023Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago