f1zm0 / hades
Go shellcode loader that combines multiple evasion techniques
☆337 · Updated last year
Related projects:
- A list of python tools to help create an OPSEC-safe Cobalt Strike profile. ☆355 · Updated 6 months ago
- indirect syscalls for AV/EDR evasion in Go assembly ☆303 · Updated last year
- A tool that employs direct registry manipulation to create scheduled tasks without triggering the usual event logs. ☆459 · Updated 10 months ago
- A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk ☆417 · Updated 2 months ago
- Terminate AV/EDR Processes using kernel driver ☆306 · Updated last year
- ☆309 · Updated this week
- Credential Guard Bypass Via Patching Wdigest Memory ☆304 · Updated last year
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques. ☆454 · Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFs ☆380 · Updated 6 months ago
- shellcode loader for your evasion needs ☆257 · Updated 3 months ago
- UAC Bypass By Abusing Kerberos Tickets ☆470 · Updated last year
- Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists ☆365 · Updated last year
- elevate to SYSTEM any way we can! Metasploit and PSEXEC getsystem alternative ☆336 · Updated 10 months ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike ☆510 · Updated 2 months ago
- A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities. ☆436 · Updated 5 months ago
- Evasive shellcode loader, hooks detector and more ☆204 · Updated 9 months ago
- Bypassing UAC with SSPI Datagram Contexts ☆335 · Updated 11 months ago
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry ☆269 · Updated last month
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. ☆365 · Updated 3 months ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! ☆316 · Updated last month
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime ☆296 · Updated last year
- Kill AV/EDR leveraging BYOVD attack ☆301 · Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique. ☆314 · Updated 8 months ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process. ☆291 · Updated last year
- Creating a repository with all public Beacon Object Files (BoFs) ☆407 · Updated last year
- Escalate Service Account To LocalSystem via Kerberos ☆387 · Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub. ☆259 · Updated 5 months ago
- Command and Control Framework written in C# ☆367 · Updated last year
- A Windows potato to privesc ☆337 · Updated 3 weeks ago
- Fileless atexec, no more need for port 445 ☆321 · Updated 5 months ago