danzajork / evasion

Related projects: ⓘ

• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆58Updated 2 years ago
• m0rv4i / Syscalls-Extractor
  ☆53Updated this week
• NorthwaveSecurity / kernel-mii
  Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.
  ☆30Updated last year
• jbaines-r7 / dellicious
  Enabled / Disable LSA Protection via BYOVD
  ☆61Updated 2 years ago
• bhassani / doublepulsar
  DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
  ☆26Updated 4 years ago
• SecIdiot / TransitionalPeriod
  ☆25Updated this week
• daem0nc0re / HEVD-CSharpKernelPwn
  CSharp Writeups for HackSys Extreme Vulnerable Driver
  ☆43Updated 2 years ago
• djhohnstein / HookDetector
  Playing with PE's and Building Structures by Hand
  ☆22Updated 2 years ago
• thefLink / Memfiddler
  Executes shellcode from a remote server and aims to evade in-memory scanners
  ☆29Updated 4 years ago
• memN0ps / RustSCRunner
  ☆63Updated this week
• ChadMotivation / MalwareDev
  ☆12Updated this week
• CUHKJason / BOF-klist
  A simple BOF implementation of klist using Windows API
  ☆30Updated 2 years ago
• SecIdiot / bootdoor
  ☆31Updated this week
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆59Updated 2 years ago
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆38Updated last year
• 0x3rhy / GetClipboard
  Cobalt Strike Get clipboard plugin
  ☆12Updated last year
• klezVirus / DCKFinder
  Dangling COM Keys Finder
  ☆14Updated 2 years ago
• Allevon412 / PPL_Sandboxer
  ☆79Updated 2 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆27Updated last year
• bharadwajyas / ppdump-public
  Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…
  ☆23Updated 4 years ago
• eladshamir / BadWindowsService
  An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities
  ☆43Updated 2 years ago
• Allevon412 / BreadBear
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆30Updated 6 months ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 3 years ago
• Cobalt-Strike / obfuscator-llvm
  ☆37Updated 8 months ago
• aaaddress1 / xlsKami
  Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets
  ☆47Updated 3 years ago
• xforcered / xPipe
  Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions
  ☆51Updated 2 years ago
• hackerhouse-opensource / envschtasksuacbypass
  Bypass UAC elevation on Windows 8 (build 9600) & above.
  ☆53Updated 2 years ago
• 0vercl0k / CVE-2021-32537
  PoC for CVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel.
  ☆57Updated 3 years ago
• OtterHacker / CoffLoader
  ☆48Updated last year
• sliverarmory / injectEtwBypass
  CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)
  ☆30Updated 2 years ago