boku7 / DarkWidowView external linksLinks
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
☆16Feb 13, 2024Updated 2 years ago
Alternatives and similar repositories for DarkWidow
Users that are interested in DarkWidow are comparing it to the libraries listed below
Sorting:
- ☆11Dec 8, 2023Updated 2 years ago
- Red Team Coin for crypto-mining operations.☆23Jan 12, 2026Updated last month
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Havoc plugin allowing in-memory execution of PowerShell cmdlets☆13Dec 14, 2023Updated 2 years ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- Simple website to automatically generate string encryption/decryption routines for C#☆10Feb 12, 2022Updated 4 years ago
- Source Code Management Attack Toolkit☆13Aug 1, 2022Updated 3 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Mar 18, 2022Updated 3 years ago
- HTML smuggling is not an evil, it can be useful☆14Jan 28, 2023Updated 3 years ago
- Interactive program for loading AES encrypted shellcode with Dynamic Invocation, and interactive .NET assemblies in memory.☆13Mar 16, 2022Updated 3 years ago
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- Covenant is a collaborative .NET C2 framework for red teamers.☆13Jul 15, 2022Updated 3 years ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 7 months ago
- Generate AES128 and AES256 Kerberos keys from a given username, password, and realm☆18Sep 18, 2024Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆22Aug 26, 2023Updated 2 years ago
- Bake shellcode to get malicious.exe☆27Jul 25, 2023Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts☆25Aug 17, 2018Updated 7 years ago
- Quickly generate every payload type for each listener and optionally host via HTTP.☆22Aug 23, 2021Updated 4 years ago
- Hooked create process injection for meterpreter☆23Jun 16, 2021Updated 4 years ago
- a port of privkit bof for havoc☆23Dec 8, 2023Updated 2 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 10 months ago
- ☆33Jan 23, 2025Updated last year
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Sleep obfuscation☆265Dec 13, 2024Updated last year
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by …☆24Apr 4, 2023Updated 2 years ago
- Situational Awareness script to identify how and where to run implants☆67Dec 6, 2024Updated last year
- A string obfuscator for .NET apps, built to evade static string analysis.☆111Jan 3, 2023Updated 3 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- Rust Implementation of SharpDllProxy for DLL Proxying Technique☆29Oct 27, 2022Updated 3 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆62Mar 19, 2021Updated 4 years ago
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated last year
- Logging tool intended for red team usage☆35Dec 5, 2025Updated 2 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Mar 6, 2024Updated last year
- An android app which run in background and send data to the golang rat server☆24Dec 29, 2020Updated 5 years ago