florylsk / ExecIT
Execute shellcode files with rundll32
☆184Updated 9 months ago
Related projects ⓘ
Alternatives and complementary repositories for ExecIT
- Shaco is a linux agent for havoc☆144Updated last year
- Weaponized HellsGate/SigFlip☆194Updated last year
- ☆156Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆278Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆216Updated last year
- Evasive Golang Loader☆130Updated 3 months ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆225Updated last year
- ☆207Updated 6 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆163Updated last month
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆269Updated 3 months ago
- Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE☆201Updated last year
- C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams.☆156Updated last week
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year
- Terminate AV/EDR leveraging BYOVD attack☆78Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆170Updated 8 months ago
- 🐍 Double Venom (DVenom) is a tool that provides an encryption wrapper and loader for your shellcode.☆158Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆155Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆324Updated 11 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆227Updated 5 months ago
- Generic PE loader for fast prototyping evasion techniques☆185Updated 4 months ago
- ApexLdr is a DLL Payload Loader written in C☆105Updated 4 months ago
- An App Domain Manager Injection DLL PoC on steroids☆161Updated 11 months ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆227Updated last year
- A Tool that aims to evade av with binary padding☆135Updated 4 months ago
- Extracting NetNTLM without touching lsass.exe☆224Updated 11 months ago
- My implementation of the GIUDA project in C++☆159Updated last year
- ☆175Updated 11 months ago