Golang PE injection on windows
☆170Aug 2, 2021Updated 4 years ago
Alternatives and similar repositories for GoPEInjection
Users that are interested in GoPEInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Read Excel Spreadsheets (XLS/XLSX) using Cobalt Strike's Execute-Assembly☆90Sep 30, 2024Updated last year
- Run PowerShell command without invoking powershell.exe☆35Nov 22, 2021Updated 4 years ago
- ☆133Jul 14, 2021Updated 4 years ago
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls o…☆1,177Feb 25, 2023Updated 3 years ago
- Modular C2 framework aiming to ease post exploitation for red teamers.☆194May 22, 2022Updated 3 years ago
- A little scanner to check the LDAP Signing state☆46Aug 2, 2021Updated 4 years ago
- Phantom DLL hollowing PoC☆372May 23, 2022Updated 3 years ago
- LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript☆345Sep 1, 2021Updated 4 years ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆297Aug 18, 2023Updated 2 years ago
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 5 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…☆469Mar 8, 2023Updated 3 years ago
- EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…☆290Mar 8, 2023Updated 3 years ago
- Remotely enables Restricted Admin Mode☆215Sep 3, 2021Updated 4 years ago
- Executes position independent shellcode from an encrypted zip☆304Dec 22, 2020Updated 5 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process☆108Mar 8, 2023Updated 3 years ago
- COFF and BOF Loader written in Nim☆174Aug 1, 2022Updated 3 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- Move CS beacon to GPU memory when sleeping☆251Nov 19, 2021Updated 4 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆142Jan 9, 2022Updated 4 years ago
- Inject .NET assemblies into an existing process☆507Jan 19, 2022Updated 4 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆94Aug 1, 2022Updated 3 years ago
- C# tool for installing a shared network printer abusing the PrinterNightmare bug to allow other network machines easy privesc!☆182Aug 4, 2021Updated 4 years ago
- A Nim implementation of reflective PE-Loading from memory☆300Sep 5, 2024Updated last year
- Really stupid re-implementation of invoke-wmiexec☆217Feb 25, 2023Updated 3 years ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- BOF implementation of the research by @jonasLyk and the drafted PoC from @LloydLabs☆186Oct 3, 2021Updated 4 years ago
- Yet another shellcode runner consists of different techniques for evaluating detection capabilities of endpoint security solutions☆495Apr 1, 2021Updated 4 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆129Apr 24, 2022Updated 3 years ago
- Another Go Shellcode Loader using Windows APIs☆141Nov 4, 2021Updated 4 years ago
- It's a go variant of Hells gate! (directly calling windows kernel functions, but from Go!)☆527Oct 12, 2022Updated 3 years ago
- C# Lsass parser☆296Oct 13, 2021Updated 4 years ago
- Cobalt Strike BOF - Bypass AMSI in a remote process with code injection.☆382Mar 8, 2023Updated 3 years ago
- Defense Evasion & Bypass AntiVirus reference☆74Mar 28, 2021Updated 4 years ago
- POCs for Shellcode Injection via Callbacks☆411Feb 23, 2021Updated 5 years ago