florylsk / NtDump
Indirect NT syscalls LSASS dumper.
☆32Updated last year
Related projects ⓘ
Alternatives and complementary repositories for NtDump
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆41Updated last year
- Beacon Debugger☆30Updated last week
- ☆51Updated last year
- Cobaltstrike BOF to unhook any Nt api☆14Updated last year
- x64 version☆30Updated 3 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆49Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 10 months ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆41Updated 2 years ago
- ☆61Updated 9 months ago
- TypeLib persistence technique☆68Updated 2 weeks ago
- Artemis - C++ Hell's Gate Syscall Implementation☆30Updated last year
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Updated 2 years ago
- ELF Beacon Object File (BOF) Template☆32Updated 2 months ago
- ☆37Updated 9 months ago
- Titan: A generic user defined reflective DLL for Cobalt Strike☆70Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆28Updated 3 months ago
- HookDetection☆44Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆94Updated last year
- Using LNK files and user input simulation to start processes under explorer.exe☆23Updated last month
- ☆20Updated 2 months ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆30Updated 2 years ago
- ☆53Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆53Updated 2 weeks ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆36Updated 9 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 9 months ago
- ☆12Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year