klezVirus / koppeling-p
Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
☆76Updated 7 months ago
Alternatives and similar repositories for koppeling-p:
Users that are interested in koppeling-p are comparing it to the libraries listed below
- ☆28Updated 6 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- ☆47Updated last year
- Section-based payload obfuscation technique for x64☆59Updated 7 months ago
- ☆53Updated 4 months ago
- BOF for C2 framework☆39Updated 4 months ago
- ☆98Updated last year
- Find DLLs with RWX section☆76Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆69Updated 10 months ago
- Lateral Movement via the .NET Profiler☆80Updated 3 months ago
- ☆95Updated last month
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆42Updated last year
- Sample Rust Hooking Engine☆36Updated 11 months ago
- shell code example☆33Updated last week
- ☆52Updated 2 months ago
- ☆94Updated 6 months ago
- Sniffing files generator☆55Updated 2 weeks ago
- ☆81Updated 9 months ago
- ☆48Updated 4 months ago
- ☆58Updated last year
- Construct the payload at runtime using an array of offsets☆62Updated 8 months ago
- Execute dotnet app from unmanaged process☆71Updated 2 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆80Updated 4 months ago
- A pure C version of SymProcAddress☆25Updated 11 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆59Updated 11 months ago