d4rckh / WindowsPotatoesLinks
A list of windows potatoes!
☆26Updated 3 years ago
Alternatives and similar repositories for WindowsPotatoes
Users that are interested in WindowsPotatoes are comparing it to the libraries listed below
Sorting:
- D/Invoke implementation in Nim☆103Updated 3 years ago
- RDPThief donut shellcode inject into mstsc☆88Updated 4 years ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Updated 2 years ago
- Rewrote HellsGate in C# for fun and learning☆86Updated 3 years ago
- Remove API hooks from a Beacon process.☆58Updated 3 years ago
- ☆55Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆116Updated last year
- maldev obviously☆27Updated 4 months ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Updated 2 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆96Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆99Updated 3 years ago
- A fake AMSI Provider which can be used for persistence.☆152Updated 4 years ago
- ☆26Updated 4 years ago
- Smart Card PIN swiping DLL☆78Updated 4 years ago
- Implementation of b4rtiks's SharpMiniDump using NTFS transactions to avoid writting the minidump to disk and exfiltrating it via HTTPS us…☆71Updated 4 years ago
- MiniDumpWriteDump behavior modification hook☆50Updated 4 years ago
- cobalt strike tools☆31Updated 3 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆87Updated 2 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆103Updated 3 years ago
- ☆101Updated 4 years ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆68Updated last year
- .NET project for installing Persistence☆63Updated 3 years ago
- RDLL for Cobalt Strike beacon to silence sysmon process☆89Updated 3 years ago
- DoppelGate relies on reading ntdll on disk to grab syscall stubs, and patches these syscall stubs into desired functions to bypass Userla…☆122Updated 3 years ago
- WNF Code Execution Library Using C#☆111Updated 5 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆53Updated 4 years ago
- ☆59Updated 4 years ago
- It's pointy and it hurts!☆126Updated 2 years ago
- Grab Firefox post requests by hooking PR_Write function from nss3.dll module using trampoline hook to get passwords and emails of users☆42Updated 2 years ago