Windows Service with the implementation of the Process hollowing technique to run shellcode
☆14Jul 20, 2023Updated 2 years ago
Alternatives and similar repositories for HollowSVC
Users that are interested in HollowSVC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆12Jul 2, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 3 months ago
- ☆12Oct 19, 2024Updated last year
- 自用的shellcode生成框架☆33Jul 5, 2023Updated 2 years ago
- A more reliable way of resolving syscall numbers in Windows☆54Feb 12, 2024Updated 2 years ago
- ☆28Aug 12, 2023Updated 2 years ago
- That guy uses python to bypass anti-virus, goddamn!基于python pyd的shellcode免杀绕过☆65Jun 27, 2023Updated 2 years ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 3 years ago
- ☆11May 5, 2024Updated last year
- Modified Spool Sample for SEImpersonate Privilege Escalation.☆17Aug 3, 2022Updated 3 years ago
- Writeups for Vulnhub, Tryhackme and Others☆13Jun 25, 2023Updated 2 years ago
- Golang implement winrm client with pass the hash☆32Apr 29, 2024Updated last year
- 32 bit process inject shellcode to 32 bit process and 64 bit process☆35May 8, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- clfs CVE 的一些 POC 收集☆16Oct 27, 2022Updated 3 years ago
- 一键出网探测工具☆73Feb 25, 2023Updated 3 years ago
- Burpsuite extension. Supports ASP.NET ViewStateDecoder☆33Mar 1, 2026Updated 3 weeks ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- Remove API hooks from a Beacon process.☆14Sep 18, 2021Updated 4 years ago
- 反取证程序,类似usbkill☆11Apr 22, 2023Updated 2 years ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- SSDG 基于Social规则的账号|密码|口令字典生成工具☆16Jan 10, 2025Updated last year
- GitHubApi CVE Poc监控工具☆14Jan 23, 2026Updated 2 months ago
- Remotely dump NT hashes through Windows Crash dumps☆33Oct 29, 2024Updated last year
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- ☆28Sep 1, 2023Updated 2 years ago
- ☆24Feb 1, 2025Updated last year
- A CPU Backdoor. Phrack 72☆15Dec 4, 2025Updated 3 months ago
- 使用Go语言开发的Linux权限审计工具☆13Jun 15, 2022Updated 3 years ago
- ☆20Jul 23, 2023Updated 2 years ago
- Change hash for a signed pe☆18Jul 18, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆98Mar 20, 2023Updated 3 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- A PoC .NET-specific process injection tool☆58Mar 17, 2024Updated 2 years ago
- ☆28Oct 19, 2024Updated last year