itm4n / PPLrevenant

Related projects ⓘ

Alternatives and complementary repositories for PPLrevenant

• klezVirus / RpcProxyInvoke
  Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar
  ☆117Updated 3 months ago
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆155Updated 2 months ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆278Updated last year
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆148Updated 5 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• Octoberfest7 / enumhandles_BOF
  ☆116Updated 2 months ago
• 0xHossam / HuffLoader
  Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader
  ☆84Updated 8 months ago
• OtterHacker / SetProcessInjection
  ☆142Updated last year
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆164Updated last year
• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆161Updated 11 months ago
• JanielDary / ImmoralFiber
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆209Updated 2 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆146Updated 3 weeks ago
• SaadAhla / D1rkSleep
  Improved version of EKKO by @5pider that Encrypts only Image Sections
  ☆113Updated last year
• nettitude / Tartarus-TpAllocInject
  ☆175Updated 11 months ago
• gabriellandau / EDRSandblast-GodFault
  EDRSandblast-GodFault
  ☆240Updated last year
• NtDallas / KrakenMask
  Sleep obfuscation
  ☆144Updated last week
• mansk1es / GhostFart
  ☆133Updated last year
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• decoder-it / RelabelAbuse
  ☆59Updated 5 months ago
• passthehashbrowns / BOFMask
  ☆108Updated last year
• xalicex / Killers
  Exploitation of process killer drivers
  ☆188Updated last year
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆156Updated last year
• ProcessusT / Venoma
  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution
  ☆164Updated 8 months ago
• Octoberfest7 / DropSpawn_BOF
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆216Updated last year
• Cipher7 / ApexLdr
  ApexLdr is a DLL Payload Loader written in C
  ☆104Updated 4 months ago
• BlackSnufkin / NyxInvoke
  NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…
  ☆158Updated last month
• rweijnen / createdump
  Leverage WindowsApp createdump tool to obtain an lsass dump
  ☆142Updated 2 months ago
• safedv / RustVEHSyscalls
  Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored …
  ☆104Updated 3 weeks ago