duhirsch / sigspooxView external linksLinks
Spoofing signatures in Office Open XML Documents (Word, Excel, Powerpoint)
☆26Nov 19, 2022Updated 3 years ago
Alternatives and similar repositories for sigspoox
Users that are interested in sigspoox are comparing it to the libraries listed below
Sorting:
- This library provides functionality for fetching and parsing information about Common Vulnerabilities and Exposures (CVE) using the NIST …☆14May 11, 2023Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- Standalone CIRCLean/KittenGroomer code to sanitize emails.☆11Aug 9, 2018Updated 7 years ago
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Ayaabu is a funny trick that fake the installation of many Antivirus☆12Jul 6, 2016Updated 9 years ago
- A PowerShell script to parse the docx/docm file format and update the template location.☆17Oct 15, 2019Updated 6 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 7 months ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆102Jan 7, 2022Updated 4 years ago
- ☆75Feb 4, 2024Updated 2 years ago
- ☆42Jan 13, 2023Updated 3 years ago
- Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.☆43May 24, 2021Updated 4 years ago
- ☆28Updated this week
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- ☆160Mar 27, 2023Updated 2 years ago
- Smuggle a file to a user's browser☆20Apr 16, 2022Updated 3 years ago
- C# port of LogServiceCrash☆46Oct 7, 2020Updated 5 years ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆95Jun 20, 2019Updated 6 years ago
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- Guide on using the PPPwnGo GUI tool☆11Sep 26, 2024Updated last year
- ☆19Nov 26, 2020Updated 5 years ago
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- Hijack Printconfig.dll to execute shellcode☆100Jan 15, 2021Updated 5 years ago
- C# 编写的用于 Dropbox 文件上传☆20Jan 16, 2022Updated 4 years ago
- lnk_parser is a full rust implementation to parse windows LNK files☆22Jul 12, 2025Updated 7 months ago
- ☆23Mar 9, 2022Updated 3 years ago
- ☆57Jan 1, 2026Updated last month
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆158Jul 22, 2021Updated 4 years ago
- Python script to compress VBA macro files☆24Feb 2, 2023Updated 3 years ago
- C# code to Sandbox Defender (and most probably other AV/EDRs).☆167Apr 22, 2022Updated 3 years ago
- POP3 MITM example☆27Dec 12, 2019Updated 6 years ago
- Shellcode runner in Rust☆34Oct 30, 2020Updated 5 years ago
- Python library to query various sources of threat intelligence for data on domains, file hashes, and IP addresses.☆31Nov 6, 2023Updated 2 years ago
- ☆50Jul 9, 2025Updated 7 months ago
- Bybit API client library for Go (ByBit API connector)☆10Dec 19, 2025Updated last month
- UI for creating LNKs☆106Jun 16, 2021Updated 4 years ago
- UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red …☆349Jul 3, 2022Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- C# Data Collector for BloodHound with CobaltStrike integration (BOF.NET)☆60Apr 13, 2023Updated 2 years ago