Another Go Shellcode Loader using Windows APIs
☆141Nov 4, 2021Updated 4 years ago
Alternatives and similar repositories for Bankai
Users that are interested in Bankai are comparing it to the libraries listed below
Sorting:
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- A major platforms RAT Tools .High scalability.Now support Windows/Linux/MacOS☆84Apr 20, 2022Updated 3 years ago
- Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…☆269Mar 18, 2021Updated 4 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆291Mar 8, 2023Updated 2 years ago
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 4 years ago
- Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions☆495Apr 1, 2021Updated 4 years ago
- Reflectively load PE☆106Aug 4, 2020Updated 5 years ago
- Executes position independent shellcode from an encrypted zip☆304Dec 22, 2020Updated 5 years ago
- 🐶Cobalt Strike Shellcode Loader by Golang☆284Apr 22, 2021Updated 4 years ago
- A faithful transposition of the key features/functionality of @itm4n's PPLDump project as a BOF.☆143Sep 24, 2021Updated 4 years ago
- Modular C2 framework aiming to ease post exploitation for red teamers.☆194May 22, 2022Updated 3 years ago
- donLoader is a shellcode loader creation tool that uses donut to convert executable payloads into shellcode to evade detection on disk.☆20Nov 24, 2021Updated 4 years ago
- 基于反向代理的水坑部署工具☆261Dec 31, 2021Updated 4 years ago
- A protective and Low Level Shellcode Loader that defeats modern EDR systems.☆917Mar 20, 2024Updated last year
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process☆230Jul 30, 2020Updated 5 years ago
- New UAC bypass for Silent Cleanup for CobaltStrike☆191Jul 14, 2021Updated 4 years ago
- Go实现部分Rubeus功能,可执行asktgt, asktgs, s4u, describe ticket, renew ticket, asreproast等☆142May 5, 2022Updated 3 years ago
- A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls o…☆1,172Feb 25, 2023Updated 3 years ago
- Really stupid re-implementation of invoke-wmiexec☆217Feb 25, 2023Updated 3 years ago
- Defense Evasion & Bypass AntiVirus reference☆74Mar 28, 2021Updated 4 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago
- Project to check which Nt/Zw functions your local EDR is hooking☆200Mar 21, 2021Updated 4 years ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- Collection of C# projects. Useful for pentesting and redteaming.☆322Oct 19, 2023Updated 2 years ago
- 防火墙出网探测工具,内网穿透型socks5代理☆269Nov 12, 2021Updated 4 years ago
- C++ WinRM API via Reflective DLL☆145Sep 11, 2021Updated 4 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- Simple executable generator with encrypted shellcode.☆280Oct 3, 2022Updated 3 years ago
- It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)☆527Oct 12, 2022Updated 3 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Nov 14, 2020Updated 5 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆232Jun 10, 2022Updated 3 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- 一款可以在不出网的环境下进行反向代理及cs上线的工具☆491Apr 26, 2023Updated 2 years ago
- 微软签名缺陷利用,老技术☆18Aug 10, 2021Updated 4 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago