COM Windows Persistence Technique
☆89Apr 27, 2026Updated 2 months ago
Alternatives and similar repositories for RightHand-Persistence
Users that are interested in RightHand-Persistence are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Usermode detector that catches indirect syscalls. Traps Hell's Hall, Tartarus' Gate, RecycledGate, and VEH syscalls & Many more.☆84Jun 15, 2026Updated 3 weeks ago
- Evasive loader for .NET Framework assemblies☆44May 14, 2026Updated 2 months ago
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 2 weeks ago
- NØW is a word-based shellcode encoding and obfuscation tool that transforms raw shellcode bytes into natural-looking English prose.☆68Jun 24, 2026Updated 2 weeks ago
- A EDR bypassing shellcode loader framework for Windows 10 64bit, featuring ETW/AMSI patching, Tartarus Gate, process protection and more☆57Jun 24, 2026Updated 2 weeks ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Async BOF to automatically extract or renew Kerberos TGTs on a target system.☆134Updated this week
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- Clean Indirect Syscalls with Hook Evasion & Return Address Spoofing.☆97Apr 30, 2026Updated 2 months ago
- Set of PoC to abuse Windows minifilters functionality☆93May 1, 2026Updated 2 months ago
- Fritter is a heavily modified fork of TheWover and Odzhan's Donut shellcode generator.☆243Jun 11, 2026Updated last month
- Automatically deploying Mythic C2 in Azure using Terraform☆20Jul 3, 2026Updated last week
- A POC tool for exploring dev-tunnels☆66May 5, 2026Updated 2 months ago
- Advanced EDR Evasion via AI Telemetry Spoofing & WASM Sandboxing. Project Onyx is a PoC Red Team pipeline designed to demonstrate advance…☆113Jun 30, 2026Updated 2 weeks ago
- Async BOF to capture KeePass master passwords by detecting and keylogging locked database windows.☆46Jun 18, 2026Updated 3 weeks ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Phantom-Evasion-Loader is a standalone, pure x64 Assembly injection engine engineered to minimize the detection surface of modern EDR/XDR…☆108Updated this week
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- BAADTokenBroker is a post-exploitation tool designed to interact with Microsoft Entra ID device-bound keys.☆83Apr 11, 2026Updated 3 months ago
- ExportHider: Generating Export Table during Runtime to Hide the Exported Functions from the DLL File.☆33Apr 12, 2026Updated 3 months ago
- AdaptixC2 default beacon agent extended to support Crystal Palace loaders.☆62May 4, 2026Updated 2 months ago
- A PoC Cobalt Strike UDRL written in Rust☆31Jun 20, 2026Updated 3 weeks ago
- Static analysis & exploitation-triage toolkit for Windows kernel drivers. Discover IOCTLs, Symbolic Links, and check cert , and Downlaods…☆191Apr 27, 2026Updated 2 months ago
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 3 months ago
- Evasive loader for .NET Framework assemblies☆82May 12, 2026Updated 2 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- Polymorphic AV/AMSI bypass toolkit - Donut shellcode runner for offensive .NET/PE tools☆36May 26, 2026Updated last month
- Staged DLL injection proof-of-concept built in C using Win32 APIs — developed in an isolated lab environment for red team certification s…☆40Jun 4, 2026Updated last month
- KslDump — Why bring your own knife when Defender already left one in the kitchen?☆392Apr 13, 2026Updated 3 months ago
- A Cobalt Strike Beacon Object File that exploits the BlueHammer vulnerability that to obtain a copy of the SAM database.☆166Apr 15, 2026Updated 2 months ago
- Activation Context Hijacking Evasion Tool☆293Jun 17, 2026Updated 3 weeks ago
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated last week
- Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID☆176Updated this week
- Impersonate Tokens using only NTAPI functions☆85Apr 4, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- multi layer encryption for payloads with options of delivery welcome to the Tenebris side☆25May 9, 2026Updated 2 months ago
- Monitor the Windows Event Log with grep-like features or filtering for specific Event IDs☆134Mar 26, 2026Updated 3 months ago
- Command Augmentation support for BOFs and .NET assemblies across agents☆50Updated this week
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- Automated DLL Hijacking Discovery, Validation, and Confirmation. Turning local misconfigurations into weaponized, confirmed attack paths.☆394Jun 20, 2026Updated 3 weeks ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- ☆31Apr 2, 2026Updated 3 months ago