m7rick / GoDhijackingLinks
Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response) systems. 红队工具旨在快速识别可劫持程序、逃避防病毒软件和 EDR(端点检测和响应)系统。
☆73Updated 7 months ago
Alternatives and similar repositories for GoDhijacking
Users that are interested in GoDhijacking are comparing it to the libraries listed below
Sorting:
- Binary Hollowing☆82Updated last year
- 主要用于隐藏进程真实路径,进程带windows真签名☆114Updated 11 months ago
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆137Updated last year
- 重构Beacon☆161Updated last year
- 基于个人习惯使用C/C++的shellcode开发项目模板☆50Updated last year
- Hidedump:a lsassdump tools that may bypass EDR☆50Updated last year
- Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术,不使用API进行主线程劫持,不使用PEB…☆81Updated 2 months ago
- go实现的shellcode免杀加载器,实测时可过火绒,360。当前效果请自行评判。☆42Updated last year
- ☆46Updated 10 months ago
- Shellcode Reductio Entropy Tools☆73Updated last year
- File entropy calculator - Golang☆29Updated last year
- This is a third party agent for Havoc C2 written in golang.☆58Updated last year
- Cobalt Strike BOF that Add a user to localgroup by samr☆131Updated 2 years ago
- mssqlproxy python3.5+ 并修复bug☆64Updated 2 years ago
- more conveniently Visual-Studio-BOF-template☆71Updated 2 years ago
- XOR 加密 分离免杀☆67Updated last year
- A cross platform C2/post-exploitation framework☆49Updated 5 months ago
- bypass 360,huorong,tencent,defender with Split loading technique and unhooking☆59Updated 8 months ago
- xiebroC2 plugin☆54Updated 7 months ago
- bypass edr杀软的dumplsass工具☆19Updated 6 months ago
- ☆37Updated 2 years ago
- 快速Go建你的免杀项目☆25Updated last year
- beta☆119Updated last year
- 制作 shellcode 的模板☆29Updated 11 months ago
- 通过C/C++实现的 Windows RID Hijacking persistence technique (RID劫持 影子账户 账户克隆).☆84Updated 3 years ago
- 白文件patch☆21Updated last year
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆77Updated 2 years ago
- FTP lnk调用pythonw程序,用于攻防钓鱼场景下免杀运行捆绑木马文件☆69Updated last year
- 用于解密并加载shellcode,支持RC4和AES两种解密方法,并使用DInvoke来动态调用WinAPI函数,从而尝试绕过某些安全解决方案☆30Updated last year
- PE to shellcode☆28Updated 9 months ago