Arsenal of modules to beacon postex
☆102Mar 13, 2026Updated last month
Alternatives and similar repositories for PostEx-Arsenal
Users that are interested in PostEx-Arsenal are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆41Aug 5, 2025Updated 9 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆205Dec 30, 2025Updated 4 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 7 months ago
- UDC2 implementation that provides an ICMP C2 channel☆123Nov 24, 2025Updated 5 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 7 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆20Jul 8, 2022Updated 3 years ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 8 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆133Jan 28, 2026Updated 3 months ago
- A reflective DLL development template for the Rust programming language☆119Nov 4, 2025Updated 6 months ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆78Mar 15, 2026Updated last month
- Help red teams find opsec processes during engagements☆43Dec 7, 2024Updated last year
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆120Oct 6, 2025Updated 6 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 5 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆154Apr 18, 2025Updated last year
- 1-Click AI Models by DigitalOcean Gradient • AdDeploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
- Commandline spoofing on Windows☆101Nov 25, 2025Updated 5 months ago
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆120Mar 24, 2026Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54May 12, 2025Updated 11 months ago
- SOCKS5 proxy tool that uses Azure Storage services as a means of communication.☆349Mar 21, 2026Updated last month
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 9 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 7 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆139Aug 31, 2025Updated 8 months ago
- ForsHops☆60Mar 25, 2025Updated last year
- Educational proof-of-concept demonstrating DEP/NX bypass using hardware breakpoints, vectored exception handling, and instruction emulati…☆97Oct 17, 2025Updated 6 months ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆220Dec 17, 2025Updated 4 months ago
- Advanced Windows authentication token extraction and decryption tool for red team operations and security research☆94Apr 1, 2026Updated last month
- ☆48Dec 28, 2025Updated 4 months ago
- An example reference design for a proposed BOF PE☆206Jan 23, 2026Updated 3 months ago
- remote process injections using pool party techniques☆71Jun 29, 2025Updated 10 months ago
- rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.☆17Jan 6, 2024Updated 2 years ago
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆126Mar 30, 2026Updated last month
- ☆54May 31, 2025Updated 11 months ago
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆204Apr 21, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆132Jan 23, 2025Updated last year
- BOF to impersonate TrustedInstaller via DISM API trigger and thread impersonation☆125Mar 27, 2026Updated last month
- Python alternative to Mimikatz lsadump::dcshadow☆161Jun 24, 2025Updated 10 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- Load and execute a common object file format (COFF) in the current process☆31Mar 9, 2024Updated 2 years ago
- Beacon Object File (BOF) port of DumpGuard for extracting NTLMv1 hashes from sessions on modern Windows systems.☆215Jan 6, 2026Updated 3 months ago
- find dll base addresses without PEB WALK☆163Jul 13, 2025Updated 9 months ago