Surgical UNWIND_INFO preservation for sleep masking without call stack spoofing.
☆54Mar 30, 2026Updated 2 months ago
Alternatives and similar repositories for InsomniacUnwindingCrossProcess
Users that are interested in InsomniacUnwindingCrossProcess are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆21Jul 15, 2025Updated 11 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Aug 18, 2025Updated 10 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 5 months ago
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 6 months ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- Cobalt Strike Beacon Object File to to change the user's desktop wallpaper☆17Sep 15, 2023Updated 2 years ago
- WinDbg plugin to trace module transitions from a debugged driver.☆54Dec 22, 2025Updated 5 months ago
- Execute commands, in/exfiltrate files using your custom RPC Server☆70Jan 13, 2026Updated 5 months ago
- Blog/Journal on how to backdoor VSCode extensions☆80Feb 24, 2026Updated 3 months ago
- template for developing custom C2 channels for Cobalt Strike using IAT hooks applied by a reflective loader.☆105Jan 10, 2026Updated 5 months ago
- ☆36Jul 1, 2025Updated 11 months ago
- Terminate AV/EDR processes by exploiting the vulnerable NsecSoft driver☆31Sep 15, 2025Updated 9 months ago
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- A portable bridge between your C2 infrastructure and Discord, built for quick and lightweight operations.☆13Jun 3, 2025Updated last year
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆129Jan 21, 2026Updated 4 months ago
- Non organized Cpp code files I used for my research on Windows☆27Aug 9, 2020Updated 5 years ago
- A Cobalt Strike RL built with Crystal Palac; module overloading, NtContinue entry transfer, call stack spoofing, sleep masking, and stati…☆217Mar 15, 2026Updated 3 months ago
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆74Dec 26, 2025Updated 5 months ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆32Aug 23, 2023Updated 2 years ago
- A hoontr must hoont☆106Nov 27, 2025Updated 6 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆112Apr 16, 2026Updated 2 months ago
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 7 months ago
- ☆59Jun 10, 2026Updated last week
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 5 months ago
- Selective In-Memory Syscall Unhooking, a stealthy method to bypass user-mode hooks in ntdll.dll☆41Mar 11, 2026Updated 3 months ago
- A collection of PoCs to do common things in unconventional ways☆121Aug 31, 2025Updated 9 months ago
- Beacon Object File (BOF) for Using the BadSuccessor Technique for Account Takeover☆88Oct 20, 2025Updated 7 months ago
- Bof of RegPwn by MDSec☆124Mar 15, 2026Updated 3 months ago
- A lightweight redirector for Google Cloud Run, enabling domain fronting via Google-owned infrastructure.☆144Nov 12, 2025Updated 7 months ago
- Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method…☆22Jun 4, 2026Updated last week
- A guide to modern exploit development, shellcode, EDR and WAF bypass, and initial Red Team access.☆28Mar 6, 2026Updated 3 months ago
- A large collection of blogs 🦐☆13Apr 12, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Demonstrating 3 persistence layers from a single EXE, that converts itself into proxy DLLs at runtime☆90Mar 29, 2026Updated 2 months ago
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆121Dec 21, 2025Updated 5 months ago
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆176Sep 3, 2025Updated 9 months ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 9 months ago
- C# Based Universal API Unhooker - Automatically Unhook API Hives (ntdll.dll,kernel32.dll,user32.dll,and kernelbase.dll)☆24Mar 7, 2023Updated 3 years ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A Rust template for writing Beacon Object Files (BOFs)☆128Feb 11, 2026Updated 4 months ago