clownfive / CustomStackLinks
自定义函数堆栈,从而绕过ETW检测,这个是完整版。
☆14Updated last year
Alternatives and similar repositories for CustomStack
Users that are interested in CustomStack are comparing it to the libraries listed below
Sorting:
- Simulate per-process disconnection in red team environments☆43Updated 2 weeks ago
- more conveniently Visual-Studio-BOF-template☆65Updated last year
- Self Cleanup in post-ex job☆56Updated 9 months ago
- Beacon compiled using clang☆69Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- Binary Hollowing☆76Updated 9 months ago
- ☆40Updated last year
- shellcode生成框架☆86Updated 11 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆49Updated 2 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆52Updated last year
- 使用kcp实现的socks5正向代理☆13Updated last year
- A Blind EDR Project for Educational Purposes☆37Updated 5 months ago
- ☆91Updated 3 years ago
- Bypass EDR Create TaskServers☆37Updated 2 years ago
- kill AV/EDR☆22Updated 2 years ago
- 一个demo☆25Updated last year
- ☆26Updated last year
- Code with Windows Hacker☆13Updated 2 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆75Updated last year
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆44Updated last year
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆67Updated 2 years ago
- IDA Python script for generating Windows x86 shellcode with one click☆37Updated last year
- PE to shellcode☆27Updated 5 months ago
- ☆31Updated last year
- Shellcode Reductio Entropy Tools☆69Updated last year
- CobaltStrike4.5 Sleeve解密文件,搬砖加一点点修改, 仅作备份使用.☆31Updated 3 years ago
- ☆15Updated 11 months ago
- beta☆116Updated 8 months ago
- ☆34Updated 3 months ago
- ☆10Updated last year