malware-unicorn / GoPEInjection

Related projects: ⓘ

• FULLSHADE / WarFox
  ☆150Updated this week
• Cerbersec / DomainBorrowingC2
  ☆164Updated 3 years ago
• CCob / goreflect
  Reflective DLL loading of your favorite Golang program
  ☆164Updated 4 years ago
• oXis / GPUSleep
  Move CS beacon to GPU memory when sleeping
  ☆212Updated 2 years ago
• Mr-Un1k0d3r / ADHuntTool
  official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)
  ☆230Updated 2 years ago
• byt3bl33d3r / pyMalleableC2
  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
  ☆262Updated 4 months ago
• aus / gopherheaven
  Go implementation of the Heaven's Gate technique
  ☆92Updated 3 years ago
• D00MFist / Go4aRun
  Shellcode runner in GO that incorporates shellcode encryption, remote process injection, block dlls, and spoofed parent process
  ☆227Updated 4 years ago
• CCob / MirrorDump
  Another LSASS dumping tool that uses a dynamically compiled LSA plugin to grab an lsass handle and API hooking for capturing the dump in…
  ☆258Updated 3 years ago
• snovvcrash / NimHollow
  ☆228Updated this week
• bats3c / EvtMute
  Apply a filter to the events being reported by windows event logging
  ☆259Updated 3 years ago
• boku7 / winx64-InjectAllProcessesMeterpreter-Shellcode
  64bit Windows 10 shellcode that injects all processes with Meterpreter reverse shells.
  ☆127Updated last year
• Cobalt-Strike / bof_template
  A Beacon Object File (BOF) is a compiled C program, written to a convention that allows it to execute within a Beacon process and use int…
  ☆111Updated 2 months ago
• S3cur3Th1sSh1t / SharpNamedPipePTH
  Pass the Hash to a named pipe for token Impersonation
  ☆291Updated 9 months ago
• outflanknl / WdToggle
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆212Updated last year
• jbaines-r7 / shakeitoff
  Windows MSI Installer LPE (CVE-2021-43883)
  ☆76Updated 2 years ago
• yoda66 / GoShellcode
  ☆71Updated 2 years ago
• wumb0 / rust_bof
  Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.
  ☆236Updated 7 months ago
• anthemtotheego / CredBandit
  Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…
  ☆206Updated 3 years ago
• airbus-cert / Invoke-Bof
  Load any Beacon Object File using Powershell!
  ☆245Updated 2 years ago
• aahmad097 / BadOutlook
  (kinda) Malicious Outlook Reader
  ☆132Updated 3 years ago
• lexfo / rpc2socks
  Post-exploit tool that enables a SOCKS tunnel via a Windows host using an extensible custom RPC proto over SMB through a named pipe.
  ☆177Updated 3 years ago
• rsmudge / unhook-bof
  Remove API hooks from a Beacon process.
  ☆263Updated 3 years ago
• forrest-orr / artifacts-kit
  Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…
  ☆217Updated 6 months ago
• Flangvik / DLLSideloader
  PowerShell script to generate "proxy" counterparts to easily perform DLL Sideloading
  ☆113Updated 5 years ago
• nick-frischkorn / TymSpecial
  ☆140Updated this week
• ajpc500 / NimlineWhispers
  A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
  ☆161Updated 3 years ago
• outflanknl / FindObjects-BOF
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆265Updated last year
• subat0mik / whoamsi
  An effort to track security vendors' use of Microsoft's Antimalware Scan Interface
  ☆227Updated 2 years ago