loneicewolf / smbdoorView external linksLinks
improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
☆49Mar 10, 2023Updated 2 years ago
Alternatives and similar repositories for smbdoor
Users that are interested in smbdoor are comparing it to the libraries listed below
Sorting:
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆176Mar 15, 2023Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 2 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆73Jul 25, 2022Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Windows NTLMSSP library☆11Oct 13, 2020Updated 5 years ago
- The code is a pingback to the Dark Vortex blog:☆187Jan 26, 2023Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆36Jan 15, 2022Updated 4 years ago
- Infect Shared Files In Memory for Lateral Movement☆196Dec 14, 2022Updated 3 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Minifilter Callback Patching Proof-of-Concept☆73Oct 31, 2022Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆136Mar 3, 2025Updated 11 months ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- ☆16Oct 31, 2022Updated 3 years ago
- ☆90Jun 2, 2024Updated last year
- 2022 Updated Kernelmode-Code☆33Mar 23, 2024Updated last year
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- ☆118Nov 21, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- A basic emulation of an "RPC Backdoor"☆242Aug 25, 2022Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- Detours implementation (x64/x86) which used only ntdll import☆90Oct 14, 2025Updated 4 months ago
- Finding Truth in the Shadows☆120Jan 26, 2023Updated 3 years ago
- Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks☆131Jun 20, 2024Updated last year
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- ☆17Mar 25, 2019Updated 6 years ago
- ☆274Jan 14, 2023Updated 3 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆138Sep 12, 2022Updated 3 years ago
- The Definitive Guide To Process Cloning on Windows☆539Jan 3, 2024Updated 2 years ago
- A small C library for the XChaCha20 stream cipher☆39May 27, 2023Updated 2 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆246Jul 9, 2024Updated last year
- A C implementation of the Sektor7 "A Thief" Windows privesc technique.☆70Mar 25, 2022Updated 3 years ago
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- A simple Nim stager (w/ fiber execution)☆20Jan 31, 2022Updated 4 years ago
- CobaltStrike beacon in rust☆208Aug 10, 2024Updated last year