florylsk / NtDump
Indirect NT syscalls LSASS dumper.
☆36Updated last year
Related projects ⓘ
Alternatives and complementary repositories for NtDump
- Beacon Debugger☆36Updated 3 weeks ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆41Updated last year
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆41Updated 2 years ago
- x64 version☆30Updated 3 years ago
- ☆62Updated 9 months ago
- Evasive loader to bypass static detection☆54Updated 10 months ago
- ☆51Updated last year
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆28Updated 4 months ago
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆41Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Updated 2 years ago
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆37Updated 10 months ago
- Artemis - C++ Hell's Gate Syscall Implementation☆30Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- HookDetection☆44Updated 3 years ago
- ELF Beacon Object File (BOF) Template☆44Updated last week
- old postex for grabbing a krbtgs for my current user☆28Updated last year
- Titan: A generic user defined reflective DLL for Cobalt Strike☆71Updated 2 years ago
- ☆12Updated 2 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆49Updated 2 years ago
- A Cobalt Strike memory evasion loader for redteamers☆95Updated last year
- C# Tool to interact with MS Exchange based on MS docs☆98Updated last year
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆42Updated 8 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆95Updated last year
- Using fibers to execute shellcode in a local process via csharp☆28Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 11 months ago
- Cobalt Strike (CS) Beacon Object File (BOF) foundation for kernel exploitation using CVE-2021-21551.☆79Updated last year
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆30Updated 2 years ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆32Updated last year