☆53Apr 17, 2026Updated 2 months ago
Alternatives and similar repositories for PhantomRPC
Users that are interested in PhantomRPC are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Exploitation of CVE-2025-29969☆65Feb 20, 2026Updated 4 months ago
- DSCourier is a proof-of-concept that uses the WinGet Configuration COM API to apply DSC configurations through Microsoft-signed binaries.☆210Jun 25, 2026Updated 2 weeks ago
- BOF POC of the DSCourier project / invoking WinGet via COM☆90Apr 23, 2026Updated 2 months ago
- A credential extraction BOF for Veeam Backup and Replication and Veeam One☆78Jul 1, 2026Updated last week
- Code and data for our paper "Onelogon: Taking over Active Directory Accounts via Netlogon" (WOOT’26).☆107Jun 22, 2026Updated 3 weeks ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- COM Windows Persistence Technique☆89Apr 27, 2026Updated 2 months ago
- CVE-2025-62215 is an Elevation of Privilege (EoP) vulnerability in the Windows Kernel, disclosed in November 2025 and confirmed to be act…☆32Nov 14, 2025Updated 8 months ago
- Another new coercion primitive with LPE - machine-account NTLM coercion from a non-admin user via Windows Store InstallService plugin res…☆86Jun 20, 2026Updated 3 weeks ago
- Memory API proxy via signed mozglue.dll☆40Jun 25, 2026Updated 2 weeks ago
- A sleepmask based on Ekko that preserves unwind data at sleep time.☆54Mar 30, 2026Updated 3 months ago
- Havoc BOF implementation of BYOVD attack to terminate PPL-protected EDR processes using a signed Microsoft kernel driver.☆39Apr 6, 2026Updated 3 months ago
- Set of PoC to abuse Windows minifilters functionality☆93May 1, 2026Updated 2 months ago
- A compiled language for Windows position-independent x86-64 shellcode and Beacon Object Files.☆170Jun 28, 2026Updated 2 weeks ago
- Next-Generation BOF Template | BOF Linter | Obj Rewriter☆58Dec 4, 2025Updated 7 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Kernel Process Termination Tool ( CVE-2026-0828 exploit)☆37Apr 2, 2026Updated 3 months ago
- DCOM in memory and fileless lateral movement techniques through .Net deserilization☆272Jun 22, 2026Updated 3 weeks ago
- ☆23Jan 15, 2025Updated last year
- Proof of concept for Kerberos Armoring abuse.☆86Dec 12, 2025Updated 7 months ago
- Advanced DSE bypass tool for Windows 11 Build 26200+. Features symbol-less kernel resolution via dynamic pattern scanning, KDP bypass via…☆22Jun 29, 2026Updated 2 weeks ago
- A Cobalt Strike BOF implementation of the SilentHarvest registry dumping technique☆182Apr 14, 2026Updated 3 months ago
- WasmForge — compile Go and C# programs to single-binary, WASM-sandboxed native executables with polymorphic output.☆99Jun 24, 2026Updated 2 weeks ago
- goLoL is a Windows host scanner with dual support for LOLBAS binaries and LOLDrivers. It lists LOLBAS techniques runnable at your current…☆66Jun 28, 2026Updated 2 weeks ago
- Polymorphic PE rewriter for Windows x64 , rewrites binaries into semantically identical but byte-different variants☆192Jun 6, 2026Updated last month
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- ☆60Dec 10, 2025Updated 7 months ago
- Static analysis & exploitation-triage toolkit for Windows kernel drivers. Discover IOCTLs, Symbolic Links, and check cert , and Downlaods…☆191Apr 27, 2026Updated 2 months ago
- Dump TGTs remotely and convert Windows' klist binary output to ccache.☆80Jun 30, 2026Updated 2 weeks ago
- CVE-2024-30090 - LPE PoC☆106Oct 17, 2024Updated last year
- Bof of RegPwn by MDSec☆127Mar 15, 2026Updated 3 months ago
- System Call Integrity Layer - experimental security research☆28Apr 14, 2026Updated 3 months ago
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆336Mar 6, 2025Updated last year
- A tool uses the QoS Policy (Pacer.sys) to throttle Endpoint Detection and Response (EDR) agents from connecting to the server.☆300Jun 13, 2026Updated last month
- open source implementation of the UDC2 spec used in Cobalt Strike☆54Jul 4, 2026Updated last week
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Cobaltstrike UDRL with memory evasion☆15May 16, 2024Updated 2 years ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆262Aug 13, 2024Updated last year
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆301May 23, 2026Updated last month
- A Ligolo-ng JavaScript agent working inside Chrome & Chromium-based browsers by leveraging Isolated Web Applications.☆134Mar 30, 2026Updated 3 months ago
- This repo contains the results of an internal re-write of impacket I undertook at my current company. It contains some of the IoCs found …☆313May 24, 2026Updated last month
- ☆72Dec 19, 2024Updated last year
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆370Feb 2, 2026Updated 5 months ago