☆57 · Mar 25, 2024 · Updated last year
Alternatives and similar repositories for Stealth_shellcode_runners
Users that are interested in Stealth_shellcode_runners are comparing it to the libraries listed below
- Yet, Another Packer/Loader ☆25 · Feb 26, 2023 · Updated 3 years ago
- Generate Shellcode Loaders & Injects ☆159 · May 15, 2023 · Updated 2 years ago
- ☆121 · Jun 17, 2022 · Updated 3 years ago
- Serverless Redirector in various cloud vendor for red team ☆73 · Dec 8, 2022 · Updated 3 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly ☆10 · Jul 1, 2023 · Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API. ☆55 · Apr 4, 2023 · Updated 2 years ago
- Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic lo… ☆24 · Jan 23, 2023 · Updated 3 years ago
- My personal collection of webshells for educational purposes. Most are custom implementations/adaptations of stuff I found on the interne… ☆21 · May 20, 2024 · Updated last year
- use shellcode as asm function ☆23 · Mar 29, 2022 · Updated 3 years ago
- My implementation of Halo's Gate technique in C# ☆54 · Apr 20, 2022 · Updated 3 years ago
- Tool to obtain hash using MS-SNTP for user accounts ☆29 · Jan 22, 2025 · Updated last year
- WIP shellcode loader in nim with EDR evasion techniques ☆220 · Mar 30, 2022 · Updated 3 years ago
- badger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles ☆54 · Nov 21, 2024 · Updated last year
- Custom Python shellcode encryptor and obfuscator ☆14 · Jul 31, 2025 · Updated 6 months ago
- A repository with my code snippets for research/education purposes. ☆53 · Jul 28, 2023 · Updated 2 years ago
- XLL Phishing Tradecraft ☆439 · May 24, 2022 · Updated 3 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly ☆61 · May 24, 2022 · Updated 3 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti… ☆41 · Sep 23, 2021 · Updated 4 years ago
- BypassCredGuard CS BOF ☆49 · Jan 23, 2025 · Updated last year
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techni… ☆1,367 · Oct 27, 2023 · Updated 2 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0. ☆17 · Jul 22, 2022 · Updated 3 years ago
- A python port of CCob's ThreadlessInject ☆25 · Mar 18, 2023 · Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files. ☆90 · Dec 15, 2022 · Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW ☆86 · Mar 19, 2023 · Updated 2 years ago
- Parses logs created by Cobalt Strike or Brute Ratel and creates an SQLite DB which can be used to create custom reports. ☆24 · Jan 15, 2026 · Updated last month
- ☆31 · Aug 23, 2020 · Updated 5 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ☆190 · Mar 4, 2024 · Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post ☆99 · Oct 13, 2022 · Updated 3 years ago
- Lifetime AMSI bypass. ☆36 · Apr 21, 2025 · Updated 10 months ago
- ☆49 · Apr 9, 2025 · Updated 10 months ago
- Create Cobalt Strike malleable C2 profiles with HTTPS configs ☆18 · May 23, 2020 · Updated 5 years ago
- ☆12 · Nov 21, 2023 · Updated 2 years ago
- Aggressor script add-in for CobaltStrike to track file uploads ☆48 · Nov 7, 2022 · Updated 3 years ago
- CVE-2022-24990 TerraMaster TOS unauthenticated RCE via PHP Object Instantiation ☆14 · Apr 25, 2022 · Updated 3 years ago
- Simple PoCs for utilizing Windows syscalls in Go ☆16 · Jan 13, 2021 · Updated 5 years ago
- A local LKM rootkit loader/dropper that lists available security mechanisms ☆52 · Sep 4, 2021 · Updated 4 years ago
- A tool for converting SysWhispers2 syscalls for use with Nim projects ☆125 · Dec 22, 2021 · Updated 4 years ago
- ☆60 · Jan 9, 2023 · Updated 3 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking. ☆193 · Nov 15, 2022 · Updated 3 years ago