dmcxblue / calc_pocLinks
A repository holding Proof of Concepts for executing the calculator application via different file formats
☆42Updated last year
Alternatives and similar repositories for calc_poc
Users that are interested in calc_poc are comparing it to the libraries listed below
Sorting:
- ☆109Updated 8 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆146Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆120Updated last year
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆86Updated 7 months ago
- Find DLLs with RWX section☆80Updated 2 years ago
- ☆82Updated last year
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- Create Anti-Copy DRM Malware☆67Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆120Updated 11 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆74Updated 7 months ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section☆107Updated 2 years ago
- ☆114Updated 11 months ago
- Modern PIC implant for Windows (64 & 32 bit)☆103Updated 3 months ago
- A hoontr must hoont☆99Updated 2 months ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆79Updated 6 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆87Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆101Updated 7 months ago
- Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion☆95Updated 3 months ago
- ☆135Updated 8 months ago
- Sniffing files generator☆59Updated 8 months ago
- Do some DLL SideLoading magic☆89Updated 2 years ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆100Updated 7 months ago
- ☆122Updated 2 years ago
- Remotely Enumerate sessions using undocumented Windows Station APIs☆119Updated last year
- ☆83Updated 5 months ago
- Your syscall factory☆125Updated last month
- Lateral Movement via the .NET Profiler☆84Updated 11 months ago
- C# havoc implant☆101Updated 2 years ago