cbrnrd / malikethLinks
π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python
β45Updated last year
Alternatives and similar repositories for maliketh
Users that are interested in maliketh are comparing it to the libraries listed below
Sorting:
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.β96Updated 6 months ago
- Shellcode Loader Utilizing ETW Eventsβ65Updated 5 months ago
- a demo module for the kaine agent to execute and inject assembly modulesβ39Updated 11 months ago
- β40Updated 8 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.β64Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loaderβ54Updated last year
- shell code exampleβ62Updated 3 months ago
- Exploiting the KsecDD Windows driver through Server Silosβ73Updated 9 months ago
- BYOVD Technique Example using viragt64 driverβ48Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.β48Updated last year
- Windows AppLocker Driver (appid.sys) LPEβ63Updated last year
- In-memory hiding techniqueβ57Updated 7 months ago
- β41Updated 6 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interfaceβ72Updated last month
- A POC of a new βthreadlessβ process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and reβ¦β27Updated 2 years ago
- Section-based payload obfuscation technique for x64β64Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β76Updated last year
- β88Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial β¦β50Updated 7 months ago
- Splitting and executing shellcode across multiple pagesβ101Updated 2 years ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure β¦β17Updated 5 months ago
- Reimplementation of the KExecDD DSE bypass technique.β53Updated 11 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".β86Updated 2 years ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).β54Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post, in rustβ60Updated 9 months ago
- Shellcode capable of bypassing EAF / IAF mitigationsβ24Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentialsβ56Updated 3 months ago
- Various methods of executing shellcodeβ71Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assemblyβ60Updated last year
- β100Updated last year