Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
☆14Jul 9, 2023Updated 2 years ago
Alternatives and similar repositories for birdnet-poc
Users that are interested in birdnet-poc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- ☆19Dec 18, 2024Updated last year
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- Execute shellcode via Bluetooth device authentication☆41Feb 19, 2025Updated last year
- Find DLLs with RWX section☆80Jul 3, 2023Updated 2 years ago
- Kernel<->Usermode shared memory communcation using manually mapped driver☆22Dec 12, 2021Updated 4 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Coerce Windows authentication by generating, distributing, and cleaning up poisoned files at scale.☆37Mar 22, 2026Updated last month
- [EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction☆17Nov 9, 2024Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆31Feb 3, 2023Updated 3 years ago
- OSED Practice binary☆26Nov 23, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Develop macOS apps on Windows with seamless cross-platform tools.☆16Jun 5, 2025Updated 11 months ago
- Interactive Shells like PsExec, but in Go☆16Apr 30, 2025Updated last year
- A small C/C++ library to lookup Windows error codes.☆22Jul 1, 2024Updated last year
- Remote Shellcode Injector☆221Aug 27, 2023Updated 2 years ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A Scantime Crytper that applies an obfuscation method onto a malware/false-positive so an antivirus cannot successfully match it with any…☆17Jul 6, 2021Updated 4 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- A proof-of-concept C2 channel through DuckDuckGo's image proxy service☆76Nov 12, 2023Updated 2 years ago
- PoC☆12Apr 7, 2025Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu…☆42May 18, 2024Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 10 months ago
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆92Jan 24, 2026Updated 3 months ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A proof-of-concept to demonstrate randomized execution paths and their impact on call stack signatures — ideal for EDR testing, behavior-…☆24Jan 17, 2026Updated 3 months ago
- Ivanti Pulse Secure CVE-2023-46805 Scanner - Based on Assetnote's Research☆13Jan 19, 2024Updated 2 years ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- A 64 bit executable junk code engine for polymorphic malware.☆77Jun 16, 2025Updated 10 months ago
- ☆16Mar 17, 2025Updated last year
- Abusing Remote Windows SMB Shares for Fun and Pen Testing☆15May 23, 2023Updated 2 years ago
- crEAP will identify WPA Enterprise mode EAP types and harvest usernames and/or handshakes if insecure protocols are in use.☆32Mar 15, 2022Updated 4 years ago
- ☆11Feb 19, 2023Updated 3 years ago
- Educational collection of LLVM obfuscation passes. (Feel free to use it for your course)☆35Apr 22, 2026Updated 2 weeks ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Satanic Crypter A powerful tool designed to convert EXE files into BAT files with advanced features and a modern GUI interface.☆12Jan 4, 2025Updated last year
- A PoC for Early Cascade process injection technique.☆216Jan 30, 2025Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆237Jun 22, 2023Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- Attack and introduction (info stealer), start your adventure in MMD☆19Sep 14, 2025Updated 7 months ago
- A scanner for the FortiNet vulnerability CVE-2025-64446☆31Nov 18, 2025Updated 5 months ago