caueb / MockingjayLinks
Mockingjay process self injection POC
☆39Updated 2 years ago
Alternatives and similar repositories for Mockingjay
Users that are interested in Mockingjay are comparing it to the libraries listed below
Sorting:
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆112Updated last month
- Code execution/injection technique using DLL PEB module structure manipulation☆163Updated 2 months ago
- ☆124Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆119Updated 9 months ago
- ☆110Updated 6 months ago
- Find DLLs with RWX section☆81Updated 2 years ago
- Lateral Movement via the .NET Profiler☆82Updated 9 months ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆119Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆66Updated last year
- Simple BOF to read the protection level of a process☆118Updated 2 years ago
- Good CLR Host with Native patchless AMSI Bypass☆87Updated 4 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆104Updated 4 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆101Updated 2 years ago
- ☆124Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- A Mythic agent for Windows written in C☆133Updated last month
- ☆119Updated 7 months ago
- Evasive Payload Delivery Server & C2 Redirector☆99Updated 3 weeks ago
- ☆133Updated 6 months ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆98Updated this week
- Adversary Emulation Framework☆122Updated 2 months ago
- Lateral movement with DCOM DLL hijacking☆138Updated last month
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆192Updated 9 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆91Updated last month
- Impersonate Tokens using only NTAPI functions☆79Updated 4 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆149Updated last month
- Threadless shellcode injection tool☆67Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 5 months ago
- ☆192Updated last year