cbrnrd / malikethLinks
π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
β45Updated last year
Alternatives and similar repositories for maliketh
Users that are interested in maliketh are comparing it to the libraries listed below
Sorting:
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEHβ121Updated last month
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.β100Updated 7 months ago
- a demo module for the kaine agent to execute and inject assembly modulesβ42Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.β64Updated 2 years ago
- Windows AppLocker Driver (appid.sys) LPEβ66Updated last year
- Shellcode Loader Utilizing ETW Eventsβ65Updated 7 months ago
- A unique introduction to native runtime obfuscation.β73Updated 7 months ago
- Various methods of executing shellcodeβ72Updated 2 years ago
- BYOVD Technique Example using viragt64 driverβ55Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.β48Updated last year
- Reimplementation of the KExecDD DSE bypass technique.β53Updated last year
- β43Updated 9 months ago
- shell code exampleβ62Updated this week
- β100Updated last year
- In-memory hiding techniqueβ57Updated 8 months ago
- XOR decrypting shellcode using the GPU with OpenCL.β116Updated 4 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loaderβ59Updated last year
- Splitting and executing shellcode across multiple pagesβ103Updated 2 years ago
- β42Updated 7 months ago
- A POC of a new βthreadlessβ process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and reβ¦β29Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentialsβ58Updated 4 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β84Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.β69Updated 2 years ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure β¦β19Updated 6 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interfaceβ74Updated 2 months ago
- Windows C++ Implant for Exploration C2β42Updated this week
- TypeLib persistence techniqueβ134Updated 11 months ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modulesβ42Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β92Updated last year
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged userβ41Updated last year