Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
☆15Feb 13, 2024Updated 2 years ago
Alternatives and similar repositories for DarkWidow
Users that are interested in DarkWidow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆11Dec 8, 2023Updated 2 years ago
- Red Team Coin for crypto-mining operations.☆23Mar 1, 2026Updated last month
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- A tool to assist DLL hijacking via the Havoc GUI☆13Jan 9, 2024Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Havoc plugin allowing in-memory execution of PowerShell cmdlets☆13Dec 14, 2023Updated 2 years ago
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- Source Code Management Attack Toolkit☆13Aug 1, 2022Updated 3 years ago
- This repository contains tips, tricks, and examples of aggressor script functions. The intent is to share bite size examples that can be …☆17Aug 12, 2025Updated 8 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆23Aug 26, 2023Updated 2 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 4 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 4 years ago
- Simple website to automatically generate string encryption/decryption routines for C#☆10Feb 12, 2022Updated 4 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts☆25Aug 17, 2018Updated 7 years ago
- Internationalization of Crystal programs.☆10Apr 13, 2021Updated 5 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- A minimal abstraction for defining domain models and even domain model specs themselves - quite meta ...☆13Jan 28, 2022Updated 4 years ago
- sms2call app☆15Jul 20, 2025Updated 8 months ago
- no toxic names anymore☆16Jan 5, 2026Updated 3 months ago
- Deterministic iOS 7-9 64-bit Kernel Exploit☆38Feb 28, 2026Updated last month
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 3 years ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- A high level IPv6 subnet planner written in go☆27Aug 1, 2025Updated 8 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- ☆12Sep 1, 2022Updated 3 years ago
- C# DInvoke Shellcode Runner☆31Feb 10, 2025Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLL…☆183Mar 13, 2023Updated 3 years ago
- Remote administration toolkit for windows, based on Hidden VNC: file manager, keystroke logger, powershell☆41Nov 23, 2025Updated 4 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- An eBPF-powered intrusion detection system with an end-to-end pipeline for kernel event monitoring, analysis, and visualization☆20Aug 13, 2025Updated 8 months ago
- Sleep obfuscation☆272Dec 13, 2024Updated last year
- Blog☆10Jul 18, 2023Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆61Mar 19, 2021Updated 5 years ago
- Simple and clear Rust implementation of the Af_XDP socket and XDP helpers.☆27Jul 9, 2025Updated 9 months ago
- Covenant is a collaborative .NET C2 framework for red teamers.☆12Jul 15, 2022Updated 3 years ago