☆74Jul 23, 2021Updated 4 years ago
Alternatives and similar repositories for ProcessGhosting
Users that are interested in ProcessGhosting are comparing it to the libraries listed below
Sorting:
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- 创建服务持久化☆108Apr 26, 2021Updated 4 years ago
- ☆82Feb 12, 2022Updated 4 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- PrintNightMare LPE提权漏洞的CS 反射加载插件。开箱即用、通过内存加载、混淆加载的驱动名称来ByPass Defender/EDR。☆148Sep 1, 2021Updated 4 years ago
- HackBrowserData的反射模块☆177Mar 13, 2021Updated 5 years ago
- Cobalt Strike BOF that Add an admin user☆79Oct 11, 2022Updated 3 years ago
- ☆36Sep 7, 2020Updated 5 years ago
- Bypass cobaltstrike beacon config scan☆84May 24, 2021Updated 4 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆204Feb 23, 2022Updated 4 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Web ExternalC2 Demo☆52Aug 18, 2020Updated 5 years ago
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Nov 4, 2021Updated 4 years ago
- 一款基于webshell命令执行功能实现的GUI webshell管理工具,支持流量加密☆219Jun 4, 2021Updated 4 years ago
- CobaltStrike Beacon written in .Net 4 用.net重写了stager及Beacon,其中包括正常上线、文件管理、进程管理、令牌管理、结合SysCall进行注入、原生端口转发、关ETW等一系列功能☆729Sep 1, 2021Updated 4 years ago
- ☆82Dec 24, 2021Updated 4 years ago
- Command line interface to dump LSASS memory to disk via SilentProcessExit☆454Dec 23, 2020Updated 5 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- Memshell☆294Dec 7, 2021Updated 4 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- Hides processes from the windows task manager using IAT hooking.☆22Mar 30, 2021Updated 4 years ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆149Mar 13, 2022Updated 4 years ago
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆331Sep 10, 2024Updated last year
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- WINDOWS TELEMETRY权限维持☆258Jul 2, 2020Updated 5 years ago
- Offensive tools written for practice purposes☆162Sep 23, 2022Updated 3 years ago
- ☆88Jun 28, 2022Updated 3 years ago
- AntSword(蚁剑)全参数流量XOR和Base64加伪装WebShell☆163Sep 28, 2021Updated 4 years ago
- Tool scan EternalBlue by golang☆21Sep 13, 2019Updated 6 years ago
- 40行代码检测到大部分CobaltStrike的shellcode☆294Jul 25, 2021Updated 4 years ago
- e-mesaage <=4.15 后台jar包上传exp☆47Mar 15, 2019Updated 7 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- 后渗透持久化控制平台; Windows Persistence Platform;☆46Sep 16, 2021Updated 4 years ago
- Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893)☆64Feb 14, 2022Updated 4 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- RPC远程主机信息匿名扫描工具☆319Sep 30, 2022Updated 3 years ago