loneicewolf / EXEC_LKM
A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on how to compile) reverse shell provided in C.
☆12Updated 9 months ago
Related projects: ⓘ
- ☆19Updated this week
- A simple injector that uses LoadLibraryA☆15Updated 4 years ago
- Collection of shellcode injection and execution techniques☆17Updated 3 years ago
- ollvm, based on llvm-clang 5.0.2, 6.0.1, 7.0.1, 8.0, 9.0, 9.0.1☆18Updated 2 years ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated last year
- ☆17Updated this week
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆21Updated 2 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Updated last year
- Simple POC of Voice C2 using Speech Recognition☆13Updated 2 years ago
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.☆31Updated last year
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated last year
- Playing with PE's and Building Structures by Hand☆22Updated 2 years ago
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆59Updated 2 years ago
- A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/☆30Updated 6 months ago
- Repository for dirty scripts and PoCs☆16Updated last year
- ☆13Updated this week
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆29Updated 2 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆43Updated 2 years ago
- Yet, Another Packer/Loader☆25Updated last year
- A C port of b33f's UrbanBishop☆35Updated 3 years ago
- ☆50Updated this week
- Injects shellcode into remote processes using direct syscalls☆74Updated 3 years ago
- Obfuscated Powershell Empire 2.x stager that allows for creation of a macro which uses VBA to backdoor .lnk files on the system. This is…☆17Updated 6 years ago
- ☆12Updated 2 years ago
- ☆44Updated 3 years ago
- ☆50Updated this week
- Another AMSI bypass - but in C++.☆25Updated last year