hackerhouse-opensource / Artillery
CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator.
☆175Updated last year
Alternatives and similar repositories for Artillery:
Users that are interested in Artillery are comparing it to the libraries listed below
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆151Updated 10 months ago
- ☆171Updated 4 months ago
- A PowerShell console in C/C++ with all the security features disabled☆214Updated this week
- Local & remote Windows DLL Proxying☆162Updated 9 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- Evade EDR's the simple way, by not touching any of the API's they hook.☆90Updated last month
- Slides & Code snippets for a workshop held @ x33fcon 2024☆255Updated 9 months ago
- ☆146Updated 7 months ago
- 「💀」Proof of concept on BYOVD attack☆155Updated 3 months ago
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- ☆165Updated last year
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆149Updated last week
- Sleep obfuscation☆210Updated 3 months ago
- Open Source C&C Specification☆241Updated 3 weeks ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆184Updated last year
- ☆254Updated last year
- Documents Exfiltration project for fun and educational purposes☆145Updated last year
- This repository implements Threadless Injection in C☆161Updated last year
- ☆150Updated 3 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆348Updated 3 months ago
- ☆137Updated last year
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆180Updated 6 months ago
- Stage 0☆154Updated 3 months ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆289Updated last year
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆232Updated 3 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆257Updated 6 months ago
- Windows rootkit designed to work with BYOVD exploits☆170Updated 2 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 9 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆96Updated last year
- Patching AmsiOpenSession by forcing an error branching☆144Updated last year