64bit WIndows 10 shellcode dat pops dat calc - Dynamic & Null Free
☆65Mar 8, 2023Updated 3 years ago
Alternatives and similar repositories for x64win-DynamicNoNull-WinExec-PopCalc-Shellcode
Users that are interested in x64win-DynamicNoNull-WinExec-PopCalc-Shellcode are comparing it to the libraries listed below
Sorting:
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆107Mar 8, 2023Updated 3 years ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- Get-PDInvokeImports is tool (PowerShell module) which is able to perform automatic detection of P/Invoke, Dynamic P/Invoke and D/Invoke u…☆54Apr 10, 2022Updated 3 years ago
- NTAPI hook bypass with (semi) legit stack trace☆19May 9, 2023Updated 2 years ago
- Hacky code for extracting calls in DLLs by function☆17Jun 3, 2022Updated 3 years ago
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆41Dec 31, 2020Updated 5 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆145Apr 21, 2022Updated 3 years ago
- Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap☆246Aug 2, 2023Updated 2 years ago
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- C# Port of LdapRelayScan☆91Nov 26, 2025Updated 3 months ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- .NET deobfuscator and unpacker (with a control flow unflattener for DoubleZero added).☆29Jun 14, 2022Updated 3 years ago
- This program is used to perform reflective DLL Injection to a remote process specified by the user.☆64Jul 11, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- ☆511Aug 14, 2022Updated 3 years ago
- ☆121Dec 23, 2022Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- Titan: A generic user defined reflective DLL for Cobalt Strike☆85Nov 20, 2022Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆244Sep 26, 2023Updated 2 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- BOF combination of KillDefender and Backstab☆167Mar 23, 2023Updated 2 years ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- The Definitive Guide To Process Cloning on Windows☆543Jan 3, 2024Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆18Jun 29, 2024Updated last year
- Library and tools to access the Common Log File System (CLFS)☆25Dec 4, 2025Updated 3 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- ☆22Jan 15, 2025Updated last year
- A simple BOF that frees UDRLs☆122May 29, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated last month
- ☆65Dec 19, 2024Updated last year