Reproducing the SkeletonKey malware.
☆11Apr 6, 2024Updated last year
Alternatives and similar repositories for SkeletonKey
Users that are interested in SkeletonKey are comparing it to the libraries listed below
Sorting:
- Offensive Assembly code snippets.☆13Jul 12, 2023Updated 2 years ago
- An example of Windows self-replicating malware.☆11Jan 16, 2023Updated 3 years ago
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- Basic interactive Windows kernel offensive toolkit written in C☆137Sep 20, 2025Updated 6 months ago
- A kernel driver to get a Handle to virtually *every* process☆13Jan 16, 2024Updated 2 years ago
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 9 months ago
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- IronSharpPack is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then refle…☆118May 2, 2024Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆59Sep 7, 2024Updated last year
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Modifies machine.config for persistence after installing signed .net assembly onto GAC��☆13Mar 17, 2022Updated 4 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Convert binaries to shellcode (C, C#, CPP, ASM, BOF loader, PS to b64)☆18Jun 6, 2025Updated 9 months ago
- ☆60Dec 15, 2023Updated 2 years ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example☆16Apr 7, 2021Updated 4 years ago
- ☆12Feb 19, 2026Updated last month
- Contexter - A secondary context path traversal / server-side parameter pollution testing tool written in Python 3☆27Aug 18, 2024Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆46Jul 16, 2023Updated 2 years ago
- ☆29May 16, 2023Updated 2 years ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆138Jul 23, 2024Updated last year
- Detect userland hooks placed by AV/EDR☆28Sep 4, 2023Updated 2 years ago
- Cisco CallManager User Enumeration☆15Aug 16, 2022Updated 3 years ago
- Info on how to use Kerberos KDC on a non-domain joined host☆53Jul 31, 2024Updated last year
- 抓取应用 ImageView 中的图片☆18Feb 2, 2024Updated 2 years ago
- A powerful all-in-one debugging and admin tool to test and explore game mechanics and functionality in R.E.P.O.☆14Nov 13, 2025Updated 4 months ago
- Load a dynamic library from memory by modifying the native Windows loader☆286Jun 18, 2025Updated 9 months ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆139Jul 10, 2025Updated 8 months ago
- ☆24Apr 28, 2024Updated last year
- Rust port of kdmapper☆22Aug 24, 2021Updated 4 years ago
- ☆13Mar 21, 2024Updated last year
- Exploitation of process killer drivers☆204Oct 17, 2023Updated 2 years ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- ☆108Aug 21, 2024Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆50Feb 29, 2024Updated 2 years ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆88Feb 11, 2024Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆31Sep 26, 2023Updated 2 years ago
- 简单版的PE加载器☆12Aug 11, 2020Updated 5 years ago