lem0nSec / SkeletonKey
Reproducing the SkeletonKey malware.
☆11 · Updated 5 months ago
Related projects:
- yet another sleep encryption thing. also used the default github repo name for this one. ☆69 · Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader ☆34 · Updated 9 months ago
- Modify managed functions from unmanaged code ☆49 · Updated 7 months ago
- Hooked create process injection for meterpreter ☆23 · Updated 3 years ago
- a demo module for the kaine agent to execute and inject assembly modules ☆33 · Updated 3 weeks ago
- Self Delete DLL ☆23 · Updated 7 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆36 · Updated 6 months ago
- A way to extract tickets in case I need to purge and restore tickets on the fly. ☆15 · Updated 4 months ago
- Your NTDLL vaccine from modern direct syscall methods. ☆35 · Updated 2 years ago
- Bunch of BOF files ☆21 · Updated 7 months ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts ☆17 · Updated last year
- Windows AppLocker Driver (appid.sys) LPE ☆30 · Updated last month
- API Hammering with C++20 ☆34 · Updated 2 years ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆20 · Updated this week
- Giga-byte Control Center (GCC) is a software package designed for improved user experience of Gigabyte hardware, often found in gaming an… ☆30 · Updated last year
- A fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using Instrumentation… ☆20 · Updated 11 months ago
- Offensive Assembly code snippets. ☆10 · Updated last year
- Example of using Sleep to create better named pipes. ☆41 · Updated last year
- Sleep Obfuscation ☆39 · Updated last year
- shell code example ☆10 · Updated 3 weeks ago
- A tool that bypasses Windows Defender by manually loading DLLs, parsing EAT directly, and updating IAT with unhooked functions to run M… ☆16 · Updated 2 months ago
- A work in progress BOF/COFF loader in Rust ☆38 · Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆18 · Updated 11 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… ☆45 · Updated this week
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆22 · Updated last month