jakuta-tech / GhostShell
Malware indetectable, with AV bypass techniques, anti-disassembly, etc.
☆83Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for GhostShell
- Convert shellcode generated using pe_2_shellcode to cdb format.☆96Updated 2 years ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆86Updated last year
- Linux x86_64 Process Injection Utility☆58Updated 3 years ago
- Custom Cobalt Strike stagers using different methods of thread execution and memory allocation☆106Updated 4 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆135Updated 2 years ago
- my learning case about windows☆21Updated 2 years ago
- A small (Edited) POC to make defender useless by removing its token privileges and lowering the token integrity☆32Updated 2 years ago
- ☆70Updated 3 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆100Updated 2 years ago
- Exploits Scripts and other tools that are useful during Penetration-Testing or Red Team engagement☆62Updated 2 years ago
- Injects shellcode into remote processes using direct syscalls☆74Updated 3 years ago
- Bypass Detection By Randomising ROR13 API Hashes☆133Updated 2 years ago
- lpe poc for cve-2022-21882☆47Updated 2 years ago
- PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability"☆59Updated 2 years ago
- ☆133Updated 2 years ago
- A spin-off research project. Cobalt Strike x Notion collab 2022☆52Updated 2 years ago
- This project is 'bridge' between the sleep and python language. It allows the control of a Cobalt Strike teamserver through python withou…☆168Updated last year
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses☆40Updated 3 years ago
- AV/EDR evasion via direct system calls.☆106Updated 11 months ago
- CVE-2021-1732 poc & exp; tested on 20H2☆67Updated 3 years ago
- Windows NTLM Authentication Backdoor☆236Updated 3 years ago
- Hijack Printconfig.dll to execute shellcode☆98Updated 3 years ago
- Reflective DLL Injection with obfuscated (XOR) shellcode☆72Updated 3 years ago
- C++ Windows Reverse Shell - Universal DLL Hijack | SSL Encryption | Statically Linked☆86Updated 4 years ago