Golang PE injection on windows
☆170Aug 2, 2021Updated 4 years ago
Alternatives and similar repositories for GoPEInjection
Users that are interested in GoPEInjection are comparing it to the libraries listed below
Sorting:
- Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly☆90Sep 30, 2024Updated last year
- ☆133Jul 14, 2021Updated 4 years ago
- Modular C2 framework aiming to ease post exploitation for red teamers.☆194May 22, 2022Updated 3 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆345Sep 1, 2021Updated 4 years ago
- Phantom DLL hollowing PoC☆370May 23, 2022Updated 3 years ago
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 4 years ago
- A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls o…☆1,172Feb 25, 2023Updated 3 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- C# version of MDSec's ParallelSyscalls☆141Jan 9, 2022Updated 4 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- Inject .NET assemblies into an existing process☆508Jan 19, 2022Updated 4 years ago
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 2 years ago
- Process Ghosting - a PE injection technique, similar to Process Doppelgänging, but using a delete-pending file instead of a transacted fi…☆684Mar 11, 2024Updated last year
- Executes position independent shellcode from an encrypted zip☆304Dec 22, 2020Updated 5 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆183Aug 4, 2021Updated 4 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆291Mar 8, 2023Updated 2 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆95Aug 1, 2022Updated 3 years ago
- Really stupid re-implementation of invoke-wmiexec☆217Feb 25, 2023Updated 3 years ago
- A Nim implementation of reflective PE-Loading from memory☆300Sep 5, 2024Updated last year
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions☆494Apr 1, 2021Updated 4 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago
- C# Based Universal API Unhooker☆411Feb 18, 2022Updated 4 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 2 years ago
- A shellcode function to encrypt a running process image when sleeping.☆340Sep 11, 2021Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆187Oct 3, 2021Updated 4 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 2 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- RefleXXion is a utility designed to aid in bypassing user-mode hooks utilised by AV/EPP/EDR etc. In order to bypass the user-mode hooks, …☆501Jan 25, 2022Updated 4 years ago