Recreating and reviewing the Windows persistence methods
☆39Nov 18, 2021Updated 4 years ago
Alternatives and similar repositories for Persistence
Users that are interested in Persistence are comparing it to the libraries listed below
Sorting:
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot.☆754Nov 16, 2021Updated 4 years ago
- Process Hollowing demonstration & explanation☆36Feb 25, 2021Updated 5 years ago
- Post-exploitation tool for attacking Active Directory domain controllers☆18Dec 18, 2022Updated 3 years ago
- ☆84Aug 26, 2024Updated last year
- Making Shellcode fully undetectable using uuid☆23May 7, 2021Updated 4 years ago
- ☆65Nov 12, 2022Updated 3 years ago
- A .NET tool for exporting and importing certificates without touching disk.☆502Oct 8, 2021Updated 4 years ago
- Tiny Windows executable that outputs version information about the OS.☆11Feb 1, 2026Updated last month
- Simple library to handle PE files loading, relocating, get/set data, ..., in addition to process handling☆32Aug 7, 2019Updated 6 years ago
- Articles, White Papers, Technical Write-Ups and more authored by members of the GreySec community. Curated by staff, selected for excelle…☆27Aug 17, 2021Updated 4 years ago
- Bypass UAC by hijacking a DLL located in the Native Image Cache☆212Nov 21, 2021Updated 4 years ago
- Some simple scripts for decrypting passwords retrieved from a Manage Engine OpManager installation☆11Jan 28, 2016Updated 10 years ago
- Source Code of MSIL Ransom☆14Feb 11, 2023Updated 3 years ago
- IOCTL-Flooder is a verbose tool designed to help with Windows driver fuzzing by brute forcing IOCTLs on loaded drivers. GetLastError is u…☆11Aug 21, 2018Updated 7 years ago
- Collection of cracked malware☆15Dec 28, 2018Updated 7 years ago
- Miscellaneous Code and Docs☆83Jul 12, 2025Updated 7 months ago
- Suite of Shellcode Running Utilities☆113Jan 30, 2020Updated 6 years ago
- Tips and tricks on reversing and exploiting Windows using free and easy to get tools.☆33Mar 21, 2023Updated 2 years ago
- Tiny keylogger for Win XP/Vista/7/8 with ftp upload.☆14Apr 17, 2022Updated 3 years ago
- Tool for extracting credentials locally stored by web browsers☆37Jun 25, 2022Updated 3 years ago
- Collection of red machine learning projects☆41Aug 16, 2021Updated 4 years ago
- PowerShell Obfuscation and Data Science☆180May 4, 2022Updated 3 years ago
- ☆13Oct 29, 2022Updated 3 years ago
- Use NtSetInformationThread(ThreadBreakOnTermination) for anti-debugging☆15Sep 21, 2019Updated 6 years ago
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- This is a simple example and explanation of obfuscating API resolution via hashing☆237May 25, 2020Updated 5 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- Execute an arbitrary command within the context of another process☆21Jun 28, 2019Updated 6 years ago
- Microsoft Outlook Information Disclosure Vulnerability (leak password hash) - CVE-2024-21413 POC☆16Feb 16, 2024Updated 2 years ago
- ☆14Sep 22, 2019Updated 6 years ago
- Using the Windows API to mess with Task Manager in GoLANG☆15Sep 7, 2021Updated 4 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG☆313Sep 16, 2021Updated 4 years ago
- SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.☆110Jan 20, 2021Updated 5 years ago
- 2 ways of Password Filter DLL to record the plaintext password☆64Apr 17, 2021Updated 4 years ago
- Transacted Hollowing - a PE injection technique, hybrid between ProcessHollowing and ProcessDoppelgänging☆580Mar 8, 2024Updated last year
- Project to enumerate proxy configurations and generate shellcode from CobaltStrike☆140Nov 4, 2020Updated 5 years ago
- Use current thread token to execute command☆15Jan 27, 2021Updated 5 years ago
- PoC code from blog☆16Mar 10, 2020Updated 5 years ago