d4rkiZ / EmbedExeLnk-Links
EmbedExeLnk by x86matthew modified by d4rkiZ
☆41Updated 2 years ago
Alternatives and similar repositories for EmbedExeLnk-
Users that are interested in EmbedExeLnk- are comparing it to the libraries listed below
Sorting:
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆61Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆85Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆102Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- ☆72Updated last year
- ☆98Updated last year
- ☆50Updated 3 months ago
- Click Once + App Domain☆64Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆102Updated last year
- BypassCredGuard CS BOF☆47Updated 9 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 8 months ago
- ☆100Updated 2 years ago
- A way to maintain long-term access to Windows LAPS for lateral movement in AD via installing an Offensive LAPS RPC backdoor on a DC.☆28Updated 4 months ago
- ☆45Updated 4 months ago
- ☆33Updated 7 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated 6 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆54Updated 3 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆134Updated 8 months ago
- A VSCode plugin to assist with BOF development.☆37Updated last year
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆163Updated 2 months ago
- A care package of useful bofs for red team engagments☆55Updated 10 months ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆60Updated 3 years ago
- Using LNK files and user input simulation to start processes under explorer.exe☆27Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆41Updated last year
- Run Cobalt Strike BOFs in Brute Ratel C4!☆71Updated 6 months ago
- ☆56Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆83Updated 3 years ago
- ☆22Updated 8 months ago