Arsenal of modules to beacon postex
☆103Mar 13, 2026Updated 2 months ago
Alternatives and similar repositories for PostEx-Arsenal
Users that are interested in PostEx-Arsenal are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 9 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆206Dec 30, 2025Updated 4 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 8 months ago
- UDC2 implementation that provides an ICMP C2 channel☆124Nov 24, 2025Updated 6 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 8 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆135Jan 28, 2026Updated 3 months ago
- A reflective DLL development template for the Rust programming language☆119Nov 4, 2025Updated 6 months ago
- Help red teams find opsec processes during engagements☆44Dec 7, 2024Updated last year
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆120Oct 6, 2025Updated 7 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 6 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Commandline spoofing on Windows☆101Nov 25, 2025Updated 5 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆55May 12, 2025Updated last year
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆353Mar 21, 2026Updated 2 months ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 10 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 8 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆140Aug 31, 2025Updated 8 months ago
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆124Mar 24, 2026Updated 2 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- Educational proof-of-concept demonstrating DEP/NX bypass using hardware breakpoints, vectored exception handling, and instruction emulati…☆99Oct 17, 2025Updated 7 months ago
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆222Dec 17, 2025Updated 5 months ago
- Advanced Windows authentication token extraction and decryption tool for red team operations and security research☆95Apr 1, 2026Updated last month
- ☆48Dec 28, 2025Updated 4 months ago
- An example reference design for a proposed BOF PE☆207Jan 23, 2026Updated 4 months ago
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 10 months ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆127Mar 30, 2026Updated last month
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- ☆54May 31, 2025Updated 11 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆207Apr 21, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆133Jan 23, 2025Updated last year
- Python alternative to Mimikatz lsadump::dcshadow☆162Jun 24, 2025Updated 11 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- Load and execute a common object file format (COFF) in the current process☆31Mar 9, 2024Updated 2 years ago
- Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.☆215Jan 6, 2026Updated 4 months ago
- find dll base addresses without PEB WALK☆163Jul 13, 2025Updated 10 months ago
- One-header configurable C++20 COFF loader☆20Jul 21, 2025Updated 10 months ago