improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys
☆49Mar 10, 2023Updated 3 years ago
Alternatives and similar repositories for smbdoor
Users that are interested in smbdoor are comparing it to the libraries listed below
Sorting:
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Client/server code that impersonates TLS 1.3 to disguise C2 activity.☆73Jul 25, 2022Updated 3 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- Windows NTLMSSP library☆11Oct 13, 2020Updated 5 years ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆36Jan 15, 2022Updated 4 years ago
- Infect Shared Files In Memory for Lateral Movement☆193Dec 14, 2022Updated 3 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Walks the Process' VAD list to grab the PTE's corresponding to a usermode virtual address, all to get the physical address☆23Nov 22, 2021Updated 4 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Minifilter Callback Patching Proof-of-Concept☆74Oct 31, 2022Updated 3 years ago
- Windows (ShadowMove) Socket Duplication☆87Apr 19, 2020Updated 5 years ago
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆137Mar 3, 2025Updated last year
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- ☆90Jun 2, 2024Updated last year
- 2022 Updated Kernelmode-Code☆33Mar 23, 2024Updated last year
- Firefox webInjector capable of injecting codes into webpages using a mitmproxy.☆42Oct 30, 2022Updated 3 years ago
- ☆121Nov 21, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- A basic emulation of an "RPC Backdoor"☆242Aug 25, 2022Updated 3 years ago
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- ☆17Mar 25, 2019Updated 6 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- Finding Truth in the Shadows☆123Jan 26, 2023Updated 3 years ago
- ☆274Jan 14, 2023Updated 3 years ago
- Guide for patching AMI Aptio V UEFI firmware to circumvent Secure Boot checks☆132Jun 20, 2024Updated last year
- Detours implementation (x64/x86) which used only ntdll import☆93Oct 14, 2025Updated 4 months ago
- The Definitive Guide To Process Cloning on Windows☆543Jan 3, 2024Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- A small C library for the XChaCha20 stream cipher☆40May 27, 2023Updated 2 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!☆251Jul 9, 2024Updated last year
- A bunch of scripts and code i wrote.☆149Nov 7, 2024Updated last year
- A simple Nim stager (w/ fiber execution)☆20Jan 31, 2022Updated 4 years ago
- CobaltStrike beacon in rust☆208Aug 10, 2024Updated last year
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago