Shellcode injection using the Windows Debugging API
☆178Jan 4, 2026Updated 4 months ago
Alternatives and similar repositories for DbgNexum
Users that are interested in DbgNexum are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆96Jan 2, 2026Updated 4 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 4 months ago
- A Beacon Object File suite for Microsoft SQL Server that speaks TDS 7.4 on the wire itself☆94Apr 9, 2026Updated 3 weeks ago
- Cobalt Strike BOF☆56Dec 10, 2025Updated 4 months ago
- CVE-2025-59501 POC code☆26Nov 20, 2025Updated 5 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆41Aug 5, 2025Updated 9 months ago
- adws enumeration bof☆172Feb 16, 2026Updated 2 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆47Feb 24, 2026Updated 2 months ago
- ☆85Feb 12, 2026Updated 2 months ago
- ☆54May 31, 2025Updated 11 months ago
- A simple to use single-include Windows API resolver☆22Jul 9, 2024Updated last year
- Enumerate active EDR's on the system☆154Sep 23, 2025Updated 7 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆151Feb 10, 2025Updated last year
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆204Apr 21, 2025Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆133Jan 28, 2026Updated 3 months ago
- Indirect-Shellcode-Executor expoits the miss-configuration/vulnerability present on the API Windows method ReadProcessMemory discovered b…☆85Nov 15, 2025Updated 5 months ago
- Updated version of a long known self deletion technique to work with 24H2.☆62Jun 9, 2025Updated 11 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily☆295Apr 20, 2026Updated 2 weeks ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆53Nov 2, 2025Updated 6 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆83Nov 6, 2025Updated 6 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆155Nov 23, 2025Updated 5 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆18Jun 3, 2025Updated 11 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A Qemu Proxmox Template builder project using Packer☆74Dec 5, 2025Updated 5 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆128Dec 23, 2025Updated 4 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆190Jan 11, 2026Updated 3 months ago
- A C# utility for interacting with SCOM☆100Dec 2, 2025Updated 5 months ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆33Dec 31, 2025Updated 4 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 8 months ago
- Proof-of-Concept tool for extracting NTLMv1 hashes from sessions on modern Windows systems.☆672Oct 27, 2025Updated 6 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 6 months ago
- ☆86May 15, 2025Updated 11 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆81Oct 27, 2025Updated 6 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287☆46Oct 28, 2025Updated 6 months ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆267Jun 29, 2024Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs☆623Feb 21, 2024Updated 2 years ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆308Mar 28, 2026Updated last month
- Docker container for running CobaltStrike 4.7 and above☆25Mar 20, 2025Updated last year
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆295Mar 29, 2026Updated last month