ethereal-vx / Persistence
Recreating and reviewing the Windows persistence methods
☆39Updated 3 years ago
Alternatives and similar repositories for Persistence:
Users that are interested in Persistence are comparing it to the libraries listed below
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯☆39Updated 4 years ago
- ☆37Updated 3 years ago
- A small commented POC for removing API hooks placed by AV/EDR.☆33Updated 4 years ago
- ☆50Updated 4 years ago
- ☆59Updated 2 years ago
- A simple COM server which provides a component to run shellcode☆132Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls☆74Updated 4 years ago
- ☆54Updated 3 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- (Sim)ulate (Ba)zar Loader☆29Updated 4 years ago
- ☆36Updated 3 years ago
- NT AUTHORITY\SYSTEM☆38Updated 4 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆61Updated 2 years ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆28Updated 3 years ago
- ☆14Updated 2 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆98Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆54Updated 2 years ago
- "An Introduction to Windows Exploit Development" is an open sourced, free Windows exploit development course I created for the Southeast …☆39Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆102Updated 2 years ago
- An example of COM hijacking using a proxy DLL.☆25Updated 3 years ago
- ☆31Updated 4 years ago
- Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits☆28Updated 2 years ago
- ☆79Updated 4 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆15Updated 4 years ago