Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.
☆228 · Aug 10, 2019 · Updated 6 years ago
Alternatives and similar repositories for zombieant
Users that are interested in zombieant are comparing it to the libraries listed below.
- A progressive, customizable armored SSH tunnel implant for Linux and MacOS systems ☆134 · Apr 11, 2019 · Updated 7 years ago
- PE File Blessing - To continue or not to continue ☆87 · Nov 23, 2019 · Updated 6 years ago
- Using DInvoke to patch AMSI.dll in order to bypass AMSI detections triggered when loading .NET tradecraft via Assembly.Load(). ☆219 · Mar 5, 2020 · Updated 6 years ago
- A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire. ☆377 · Aug 13, 2021 · Updated 4 years ago
- Tool for interacting with outlook interop during red team engagements ☆145 · Jun 29, 2021 · Updated 4 years ago
- Inject .Net payloads into other .Net assemblies on disk ☆61 · Dec 12, 2019 · Updated 6 years ago
- BlueHatIL 2020 - Staying # and Bringing Covert Injection Tradecraft to .NET ☆149 · Feb 15, 2020 · Updated 6 years ago
- C&C to deliver files and shuttle command execution instructions between an external actor and an internal agent with the help of Firefox … ☆38 · Dec 8, 2022 · Updated 3 years ago
- Process reimaging proof of concept code ☆96 · Jun 21, 2019 · Updated 6 years ago
- C# Targeted Attack Reconnaissance Tools ☆120 · Jan 11, 2021 · Updated 5 years ago
- The full story of the CLR implementation of Meterpreter ☆153 · Jul 29, 2020 · Updated 5 years ago
- A Bring Your Own Land Toolkit that Doubles as a WMI Provider ☆289 · Oct 31, 2018 · Updated 7 years ago
- Whitelisting LD_PRELOAD libraries using LD_AUDIT ☆63 · Oct 21, 2021 · Updated 4 years ago
- Slides and Code for the BHUSA 2019 talk: Flying a False Flag ☆240 · Nov 8, 2019 · Updated 6 years ago
- Adaptive DLL hijacking / dynamic export forwarding ☆818 · Jul 6, 2020 · Updated 5 years ago
- .NET tool for enumeration processes and dumping memory. ☆56 · Apr 4, 2019 · Updated 7 years ago
- lateral movement techniques that can be used during red team exercises ☆278 · Jan 13, 2020 · Updated 6 years ago
- Automate AV evasion by calling AMSI ☆88 · May 31, 2023 · Updated 2 years ago
- ObscurityLabs RedTeam C# Toolkit ☆121 · Sep 3, 2019 · Updated 6 years ago
- Managed assembly shellcode generation ☆282 · Mar 19, 2021 · Updated 5 years ago
- D/Invoke port of UrbanBishop ☆108 · Jul 19, 2020 · Updated 5 years ago
- PoC to demonstrate how CLR ETW events can be tampered. ☆192 · Mar 26, 2020 · Updated 6 years ago
- Tools for discovery and abuse of COM hijacks ☆337 · Oct 15, 2019 · Updated 6 years ago
- Simple packer for arbitrary data using only .NET API calls. Produces a unique signature with every usage. Standalone program and library.… ☆93 · Apr 27, 2019 · Updated 7 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0. ☆329 · Jul 7, 2023 · Updated 2 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack ☆334 · May 3, 2020 · Updated 6 years ago
- Microsoft Applocker evasion tool ☆39 · Nov 26, 2019 · Updated 6 years ago
- Adds a user-mode asynchronous procedure call (APC) object to the APC queue of the specified thread and spoof the Parent Process. ☆158 · Jun 10, 2019 · Updated 6 years ago
- Run shellcode from resource ☆257 · Dec 13, 2020 · Updated 5 years ago
- Universal Unhooking ☆326 · Sep 19, 2018 · Updated 7 years ago
- Evade sysmon and windows event logging ☆625 · Apr 8, 2020 · Updated 6 years ago
- Iterative AD discovery toolkit for offensive operations ☆86 · Mar 16, 2020 · Updated 6 years ago
- Mario & Luigi - Tools for sniffing Windows Named Pipes communication ☆129 · Nov 15, 2016 · Updated 9 years ago
- PowerShell script for enumerating vulnerable DCOM Applications ☆266 · Nov 30, 2018 · Updated 7 years ago
- dem sharp donuts ☆203 · Sep 11, 2022 · Updated 3 years ago
- Also known by Microsoft as Knifecoat ☆1,145 · Dec 22, 2022 · Updated 3 years ago
- Process Injection ☆768 · Oct 24, 2021 · Updated 4 years ago
- Proper Payload Protection Prevents Poor Performance ☆76 · Jul 27, 2022 · Updated 3 years ago
- Silencing Sysmon via driver unload ☆238 · Oct 13, 2022 · Updated 3 years ago