clownfive / CustomStackLinks
自定义函数堆栈,从而绕过ETW检测,这个是完整版。
☆13Updated last year
Alternatives and similar repositories for CustomStack
Users that are interested in CustomStack are comparing it to the libraries listed below
Sorting:
- vehsyscall:a syscall project that may bypass EDR☆59Updated last year
- Self Cleanup in post-ex job☆58Updated last year
- beta☆118Updated last year
- shellcode生成框架☆87Updated last year
- Beacon compiled using clang☆71Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆57Updated 2 weeks ago
- ☆27Updated 2 years ago
- more conveniently Visual-Studio-BOF-template☆71Updated 2 years ago
- Binary Hollowing☆84Updated last year
- A C implementation for a stealth injection method☆32Updated this week
- kill AV/EDR☆22Updated 2 years ago
- An implementation of an indirect system call☆132Updated 2 years ago
- 一个demo☆24Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆57Updated 2 years ago
- A Blind EDR Project for Educational Purposes☆50Updated 9 months ago
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- ☆92Updated 4 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆53Updated 2 years ago
- Stack integrity verification to Detect SleepMask or CallStack Spoofer☆36Updated 3 months ago
- ☆43Updated 2 years ago
- Use COM Component Bypass UAC,Dll Version☆36Updated 4 years ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆140Updated 11 months ago
- A method to execute syscalls while bypassing EDR's function hooking and call stack analysis.☆23Updated 6 months ago
- Silently Install Chrome Extension For Persistence☆92Updated last year
- RawCopy - Golang implementation☆24Updated 2 years ago
- PE to shellcode☆28Updated 9 months ago
- ☆16Updated 4 months ago
- 使用kcp实现的socks5正向代理☆12Updated last year
- Code with Windows Hacker☆12Updated 3 years ago
- HVNC PoC (Hidden VNC) in Rust☆32Updated last month