Windows Service with the implementation of the Process hollowing technique to run shellcode
☆14Jul 20, 2023Updated 2 years ago
Alternatives and similar repositories for HollowSVC
Users that are interested in HollowSVC are comparing it to the libraries listed below
Sorting:
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 2 months ago
- Modified Spool Sample for SEImpersonate Privilege Escalation.☆17Aug 3, 2022Updated 3 years ago
- That guy uses python to bypass anti-virus, goddamn!基于python pyd的shellcode免杀绕过☆65Jun 27, 2023Updated 2 years ago
- ☆28Sep 1, 2023Updated 2 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- ☆28Aug 12, 2023Updated 2 years ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- 反取证程序,类似usbkill☆11Apr 22, 2023Updated 2 years ago
- clfs CVE 的一些 POC 收集☆16Oct 27, 2022Updated 3 years ago
- Remotely dump NT hashes through Windows Crash dumps☆34Oct 29, 2024Updated last year
- A more reliable way of resolving syscall numbers in Windows☆55Feb 12, 2024Updated 2 years ago
- 自用的shellcode生成框架☆33Jul 5, 2023Updated 2 years ago
- A PoC .NET-specific process injection tool☆58Mar 17, 2024Updated last year
- NTLM/Negotiate authentication over HTTP that supports Pass The Hash Mode (PtH)☆17Sep 13, 2024Updated last year
- 使用Go语言开发的Linux权限审计工具☆13Jun 15, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆13Feb 4, 2024Updated 2 years ago
- GitHubApi CVE Poc监控工具☆14Jan 23, 2026Updated last month
- Burpsuite extension. Supports ASP.NET ViewStateDecoder☆33Updated this week
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year
- 32 bit process inject shellcode to 32 bit process and 64 bit process☆35May 8, 2023Updated 2 years ago
- burpsuite 插件 根据配置简单规则编辑通过的HTTP流量包☆14Feb 27, 2023Updated 3 years ago
- C# API for Nidhogg rootkit☆21Apr 25, 2024Updated last year
- CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administr…☆14Dec 30, 2023Updated 2 years ago
- SSDG 基于Social规则的账号|密码|口令字典生成工具☆16Jan 10, 2025Updated last year
- Remove API hooks from a Beacon process.☆14Sep 18, 2021Updated 4 years ago
- Golang implement winrm client with pass the hash☆32Apr 29, 2024Updated last year
- BCEL编解码工具☆16Aug 3, 2022Updated 3 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Alibaba Nacos存在默认token.secret.key,导致远程攻击者可以绕过密钥认证接管Nacos☆19Mar 17, 2023Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- Small handy tool for crafting shellcodes by hand.☆18Apr 20, 2022Updated 3 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Aug 26, 2020Updated 5 years ago
- 爬虫,获取NVD/CNVD/CNNVD数据☆21Jan 7, 2022Updated 4 years ago
- Spring Boot whitelabel error page SpEL rce EXP☆13May 24, 2024Updated last year
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago