☆18Sep 1, 2025Updated 5 months ago
Alternatives and similar repositories for CallWindowProcW-ShellcodeLoader
Users that are interested in CallWindowProcW-ShellcodeLoader are comparing it to the libraries listed below
Sorting:
- A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…☆23Jan 17, 2026Updated last month
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading …☆124Feb 14, 2026Updated last week
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 3 months ago
- Impersonate Windows tokens in Nim☆23Aug 4, 2025Updated 6 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- Direct syscalls Injection to bypass AV/EDR☆12May 18, 2024Updated last year
- This repository contains tips, tricks, and examples of aggressor script functions. The intent is to share bite size examples that can be …☆16Aug 12, 2025Updated 6 months ago
- ☆35Dec 4, 2025Updated 2 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆113Jan 29, 2026Updated last month
- ☆41Dec 24, 2025Updated 2 months ago
- Linkfinder by Rdzsp is a browser extension that automatically scans and collects endpoints from JavaScript files on websites☆32Aug 22, 2024Updated last year
- ☆18Sep 22, 2024Updated last year
- ☆22Apr 11, 2025Updated 10 months ago
- Backend development stack for agents☆29Jul 30, 2025Updated 6 months ago
- Cobalt Strike Aggressor Script for identifying security products on Windows hosts — six enumeration methods rated by noise level, from si…☆33Feb 6, 2026Updated 3 weeks ago
- Automating the MITM attack on WSUS☆308Updated this week
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 6 months ago
- ☆26Aug 5, 2025Updated 6 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Updated this week
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆101Jan 10, 2026Updated last month
- C# Port Scanner☆48Oct 6, 2022Updated 3 years ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- Pentesting post exploitation tool for slack☆32Nov 15, 2025Updated 3 months ago
- One WSL BOF to rule them all☆152Jan 14, 2026Updated last month
- Quick and dirty PowerShell script to abuse the overly permissive capabilities of the SYSTEM user in a child domain on the Public Key Serv…☆29Jul 25, 2023Updated 2 years ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆25Mar 7, 2023Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆29Oct 2, 2025Updated 4 months ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆106Mar 10, 2025Updated 11 months ago
- Freyja is a Golang, Purple Team agent that compiles into Windows, Linux and macOS x64 executables.☆63Oct 29, 2024Updated last year
- Payload Generation Workflow☆40Jul 18, 2025Updated 7 months ago
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆36Apr 24, 2025Updated 10 months ago
- POC tool to abuse windows server failover clusters☆55Aug 7, 2025Updated 6 months ago
- ☆54Oct 13, 2025Updated 4 months ago
- PowerShell collector for adding SCCM attack paths to BloodHound with OpenGraph☆72Updated this week
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- ☆139Jan 16, 2025Updated last year
- A python library to create BloodHound OpenGraphs☆53Feb 4, 2026Updated 3 weeks ago
- ☆47Dec 5, 2025Updated 2 months ago
- Shellcode injection using the Windows Debugging API☆167Jan 4, 2026Updated last month