Shellcode injection using the Windows Debugging API
☆171Jan 4, 2026Updated 2 months ago
Alternatives and similar repositories for DbgNexum
Users that are interested in DbgNexum are comparing it to the libraries listed below
Sorting:
- Remote BOF Runner is a Havoc extension framework for remote execution of Beacon Object Files (BOFs) using a PIC loader made with Crystal …☆89Jan 2, 2026Updated 2 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 3 months ago
- ☆75Feb 12, 2026Updated 3 weeks ago
- adws enumeration bof☆169Feb 16, 2026Updated 3 weeks ago
- Cobalt Strike BOF☆43Dec 10, 2025Updated 2 months ago
- modified mssqlclient from impacket to extract policies from the SCCM database☆44Feb 24, 2026Updated last week
- ☆55May 31, 2025Updated 9 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- This repo hosts a poc of how to execute F# code within an unmanaged process☆70Jun 25, 2024Updated last year
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- Enumerate active EDR's on the system☆152Sep 23, 2025Updated 5 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆187Jan 11, 2026Updated last month
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆128Jan 28, 2026Updated last month
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆63Jan 5, 2026Updated 2 months ago
- ☆86May 15, 2025Updated 9 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- A C# utility for interacting with SCOM☆96Dec 2, 2025Updated 3 months ago
- Automated DLL Hijacking Detection Tool with Zero False Positives — Discovers, filters, and canary-confirms exploitable DLL hijacks on Win…☆135Updated this week
- A Qemu Proxmox Template builder project using Packer☆72Dec 5, 2025Updated 3 months ago
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames☆152Nov 23, 2025Updated 3 months ago
- CyberShield 2025 Intro to EDR Evasion Class☆17Jun 3, 2025Updated 9 months ago
- Helps defenders find their WSUS configurations in the wake of CVE-2025-59287�☆46Oct 28, 2025Updated 4 months ago
- A python tool to map the access rights of network shares into a BloodHound OpenGraphs easily☆270Feb 5, 2026Updated last month
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 9 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆80Nov 6, 2025Updated 4 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- ☆198Mar 28, 2025Updated 11 months ago
- Dig your way out of networks like a Meerkat using SSH tunnels via ClickOnce.☆275May 2, 2025Updated 10 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Disconnected RSAT - A method of running Group Policy Manager, Certificate Authority and Certificate Templates MMC snap-ins from non-domai…☆275Dec 27, 2024Updated last year
- A havoc UI python module to help in reporting and vulnerabilities to exploit on an internal network.☆14Oct 31, 2023Updated 2 years ago
- PowerShell-based utility for mapping byte offsets to source code using hex and ASCII context for detection research and red team tooling.☆31Dec 31, 2025Updated 2 months ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆407Aug 22, 2023Updated 2 years ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- Collection of UAC Bypass Techniques Weaponized as BOFs☆609Feb 21, 2024Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆85Feb 26, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆223Dec 3, 2025Updated 3 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆146Dec 6, 2025Updated 3 months ago
- A PowerShell console in C/C++ with all the security features disabled☆368Oct 14, 2025Updated 4 months ago