c3l3si4n / windows_sleep_techniquesLinks
A collections of methods to sleep on Windows using common and less-so-common techniques
☆14Updated last year
Alternatives and similar repositories for windows_sleep_techniques
Users that are interested in windows_sleep_techniques are comparing it to the libraries listed below
Sorting:
- Bypass the Event Trace Windows(ETW) and unhook ntdll.☆113Updated last year
- Basic interactive Windows kernel offensive toolkit written in C☆131Updated this week
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆179Updated 2 years ago
- A bunch of scripts and code i wrote.☆144Updated 10 months ago
- Create Anti-Copy DRM Malware☆65Updated last year
- 「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x☆25Updated 5 months ago
- 「⚠️」Performing a BYOVD on the truesight.sys driver☆42Updated 9 months ago
- ☆152Updated last year
- 「🧊」Ring 3 Rootkit for Windows 10☆58Updated 9 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated 2 years ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆164Updated last year
- Local & remote Windows DLL Proxying☆165Updated last year
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆85Updated 7 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- ☆146Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- PE obfuscator with Evasion in mind☆212Updated 2 years ago
- XOR decrypting shellcode using the GPU with OpenCL.☆116Updated 4 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆47Updated 2 months ago
- random code snippets, useful for getting started☆121Updated 10 months ago
- kernel-mode DLL Injector☆110Updated 5 months ago
- Mockingjay process self injection POC☆39Updated 2 years ago
- Malware?☆74Updated 11 months ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆120Updated last year
- Windows rootkit designed to work with BYOVD exploits☆206Updated 8 months ago
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique☆230Updated 2 years ago
- Encodes a payload within a generated mock-CSS file☆59Updated 2 years ago