malwareninja / Mockingjay---Vulnerable-DLL-Finder
Mockingjay Process Injection Vulnerable DLL Finder
☆11Updated last year
Related projects: ⓘ
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆110Updated last year
- ☆73Updated 10 months ago
- ☆67Updated this week
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆76Updated last year
- Explorer Persistence technique : Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll , when …☆65Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆75Updated 6 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆143Updated last year
- A basic C2 framework written in C☆53Updated 2 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆34Updated 9 months ago
- ☆116Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆74Updated last year
- ApexLdr is a DLL Payload Loader written in C☆98Updated 2 months ago
- ☆99Updated 2 weeks ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆106Updated last month
- BOF combination of KillDefender and Backstab☆153Updated last year
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆151Updated last year
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.☆44Updated 4 months ago
- Generic PE loader for fast prototyping evasion techniques☆175Updated 2 months ago
- Direct syscalls Injection to bypass AV/EDR☆9Updated 4 months ago
- Modified versions of the Cobalt Strike Process Injection Kit☆85Updated 7 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 8 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆93Updated last year
- Threadless shellcode injection tool☆56Updated last month
- ☆18Updated last month
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆163Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆147Updated 10 months ago
- ☆132Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆214Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- Mockingjay process self injection POC☆14Updated last year