Proof-of-Concept to evade auditd by tampering via ptrace
☆19 | Aug 3, 2023 | Updated 2 years ago
Alternatives and similar repositories for daphne
Users that are interested in daphne are comparing it to the libraries listed below
- Proof-of-Concept to evade auditd by writing /proc/PID/mem | ☆24 | Aug 21, 2023 | Updated 2 years ago
- BadExclusions is a tool to identify custom or undocumented folder exclusions on AV/EDR | ☆21 | Feb 8, 2024 | Updated 2 years ago
- Repository of Microsoft Driver Block Lists based off of OS-builds | ☆43 | Apr 14, 2024 | Updated last year
- ☆36 | May 27, 2024 | Updated last year
- A service container for interacting with SRA's VECTR | ☆16 | Apr 9, 2025 | Updated 11 months ago
- Parser and reconciliation tooling for large Active Directory environments. | ☆33 | Feb 18, 2025 | Updated last year
- ☆84 | May 19, 2024 | Updated last year
- Persist like a Dodder | ☆68 | May 19, 2025 | Updated 10 months ago
- Loads a program into a memfd and runs it. | ☆11 | May 22, 2022 | Updated 3 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible | ☆12 | Sep 15, 2023 | Updated 2 years ago
- Tool for reconnaissance of AWS cloud environments | ☆16 | Oct 9, 2023 | Updated 2 years ago
- A malicious Golang Package | ☆15 | Apr 21, 2025 | Updated 11 months ago
- ☆37 | Feb 12, 2026 | Updated last month
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler. | ☆56 | Jun 30, 2021 | Updated 4 years ago
- A simple PE loader. | ☆27 | Dec 9, 2022 | Updated 3 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies | ☆34 | Sep 15, 2022 | Updated 3 years ago
- A simple rpc2socks alternative in pure Go. | ☆31 | Jul 8, 2024 | Updated last year
- Watches the Downloads folder for any new files and inserts them into Nemesis for analysis. | ☆15 | Feb 29, 2024 | Updated 2 years ago
- ☆83 | Nov 1, 2023 | Updated 2 years ago
- Extension functionality for the NightHawk operator client | ☆26 | Nov 3, 2023 | Updated 2 years ago
- ☆57 | Apr 19, 2023 | Updated 2 years ago
- ☆24 | Oct 18, 2022 | Updated 3 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads. | ☆43 | May 24, 2021 | Updated 4 years ago
- Beacon Object File (BOF) for remote process injection via thread hijacking | ☆220 | Jan 13, 2021 | Updated 5 years ago
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most… | ☆12 | May 8, 2023 | Updated 2 years ago
- A C# project that builds a Web Application which redirects all HTTPS | ☆26 | Feb 11, 2025 | Updated last year
- Tricard - Malware Sandbox Fingerprinting | ☆23 | Dec 11, 2023 | Updated 2 years ago
- Simple KDMapper driver dumper. Unlike other dumpers, this dumper dumps the PE headers of the image too. | ☆17 | May 10, 2024 | Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. | ☆25 | Sep 29, 2023 | Updated 2 years ago
- Dump Citrix Secure Access auth cookie from the process memory | ☆76 | Jun 24, 2022 | Updated 3 years ago
- Reverse Engineering and Debugging Malware | ☆31 | Feb 27, 2023 | Updated 3 years ago
- Vectored Exception Handling Squared | ☆31 | Dec 27, 2025 | Updated 2 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly | ☆65 | Mar 19, 2024 | Updated 2 years ago
- Cisco Unified Call Manager enumeration | ☆24 | Jul 13, 2022 | Updated 3 years ago
- ☆61 | Aug 30, 2021 | Updated 4 years ago
- Load a dynamic library from memory using a fuse mount | ☆31 | Sep 15, 2023 | Updated 2 years ago
- Dynamically resolve API function addresses at runtime in a secure manner. | ☆73 | Nov 11, 2025 | Updated 4 months ago
- Syscall BOF to arbitrarily add/detract process token privilege rights. | ☆61 | Jul 10, 2024 | Updated last year
- ☆25 | Apr 28, 2024 | Updated last year