hackerhouse-opensource / ArtilleryLinks
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
☆183Updated last year
Alternatives and similar repositories for Artillery
Users that are interested in Artillery are comparing it to the libraries listed below
Sorting:
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆139Updated last year
- Command and Control (C2) framework☆132Updated 7 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated 2 years ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆149Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆155Updated last year
- 「💀」Proof of concept on BYOVD attack☆165Updated last year
- Documents Exfiltration project for fun and educational purposes☆144Updated 2 years ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆153Updated 4 months ago
- Collection of random RedTeam scripts.☆208Updated last year
- ☆163Updated 2 years ago
- This repository implements Threadless Injection in C☆173Updated 2 years ago
- Local & remote Windows DLL Proxying☆169Updated last year
- ☆121Updated last year
- ☆192Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆210Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆309Updated 2 years ago
- Extracting NetNTLM without touching lsass.exe☆240Updated 2 years ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆164Updated 5 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆319Updated 2 years ago
- ☆136Updated last year
- ☆107Updated 2 years ago
- C# AV/EDR Killer using less-known driver (BYOVD)☆181Updated 2 years ago
- Native Syscalls Shellcode Injector☆267Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C☆134Updated 3 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆208Updated last month
- A shellcode injection tool showcasing various process injection techniques☆136Updated 2 years ago
- An interactive shell to spoof some LOLBins command line☆187Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Updated last year
- Evasive Golang Loader☆138Updated last year
- Execute shellcode files with rundll32☆212Updated last year