c2pain / RustPatchlessCLRLoader

Related projects: ⓘ

• Idov31 / NidhoggScript
  NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
  ☆46Updated 6 months ago
• ZERODETECTION / MSC_Dropper
  ☆119Updated last month
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆76Updated 4 months ago
• NUL0x4C / FetchPayloadFromDummyFile
  Construct the payload at runtime using an array of offsets
  ☆59Updated 3 months ago
• EvilBytecode / Lifetime-Amsi-EtwPatch
  Two in one, patch lifetime powershell console, no more etw and amsi!
  ☆79Updated 2 months ago
• synacktiv / OUned
  The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning
  ☆71Updated 5 months ago
• deh00ni / NtDumpBOF
  ☆79Updated 2 weeks ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆74Updated 3 months ago
• BC-SECURITY / IronSharpPack
  IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…
  ☆104Updated 4 months ago
• EvilBytecode / Lifetime-AmsiBypass
  Lifetime AMSI bypass.
  ☆35Updated 2 months ago
• MzHmO / DebugAmsi
  DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.
  ☆91Updated last year
• Faran-17 / Hellshazzard
  Indirect Syscall implementation to bypass userland NTAPIs hooking.
  ☆52Updated last month
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated 9 months ago
• rasta-mouse / SpawnWith
  ☆90Updated 6 months ago
• Tarakhs / ToyingWithHellsGate
  Brief writeup of post exploitation methodologies.
  ☆17Updated 11 months ago
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆74Updated last year
• Octoberfest7 / enumhandles_BOF
  ☆99Updated 2 weeks ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆72Updated 11 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆39Updated 2 months ago
• passthehashbrowns / BOFMask
  ☆105Updated last year
• Offensive-Panda / DV_NEW
  This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
  ☆43Updated 4 months ago
• x4sh3s / AMSI_Lines
  Bypass AMSI By Dividing files into multiple smaller files
  ☆45Updated last year
• securifybv / BOFRyptor
  ☆113Updated 11 months ago
• GeisericII / Winpacket
  Impacket pre-compiled binaries
  ☆13Updated last year
• xpn / CloudInject
  ☆101Updated 4 months ago
• itaymigdal / PartyLoader
  Threadless shellcode injection tool
  ☆56Updated last month
• decoder-it / RelabelAbuse
  ☆58Updated 3 months ago
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆114Updated 2 months ago
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆147Updated 10 months ago
• t94j0 / adexplorersnapshot-rs
  ☆65Updated last month