clownfive / CustomStack
自定义函数堆栈,从而绕过ETW检测,这个是完整版。
☆10Updated 5 months ago
Related projects: ⓘ
- vehsyscall:a syscall project that may bypass EDR☆41Updated 6 months ago
- ☆26Updated last year
- Rust 重构的 sRDI☆11Updated last week
- kill AV/EDR☆20Updated last year
- ☆38Updated 11 months ago
- more conveniently Visual-Studio-BOF-template☆45Updated last year
- Self Cleanup in post-ex job☆38Updated last week
- ☆18Updated 2 years ago
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆64Updated last year
- 一个demo☆23Updated 5 months ago
- Silently Install Chrome Extension For Persistence☆40Updated 2 months ago
- AddDefenderExclusions Beacon Object File☆31Updated last year
- Bypass EDR Create TaskServers☆34Updated last year
- ☆28Updated 10 months ago
- Beacon compiled using clang☆58Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆38Updated last year
- shellcode生成框架☆75Updated 2 months ago
- 看起来叫BabyBypass,实际啥都会记一些☆16Updated last year
- 自用的shellcode生成框架☆29Updated last year
- ☆21Updated this week
- Fork & modify of Wireguard's Memmod☆31Updated last year
- A little tool to play with Windows security☆12Updated 7 months ago
- Binary Hollowing☆49Updated last week
- ☆29Updated last year
- Some anti-sandbox codes, copy directly to strengthen your own ShellCode☆10Updated last year
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆40Updated last year
- An implementation of an indirect system call☆99Updated last year
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆43Updated 4 months ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆28Updated 4 months ago
- ReturnGate, just like HellsGate.☆65Updated 2 years ago