marpie / signed-loaders
signed-loaders documents Windows executables that can be used for side-loading DLLs.
☆67Updated 6 years ago
Alternatives and similar repositories for signed-loaders:
Users that are interested in signed-loaders are comparing it to the libraries listed below
- Shellcode injection POC using syscalls.☆115Updated 4 years ago
- ☆148Updated 4 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 5 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆113Updated 4 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆185Updated 3 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆186Updated 4 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆151Updated 4 years ago
- Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM☆122Updated 4 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.☆174Updated 4 years ago
- my learning case about windows☆21Updated 3 years ago
- Hijack Printconfig.dll to execute shellcode☆97Updated 4 years ago
- ☆162Updated 3 years ago
- Shellcode injector using direct syscalls☆119Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆278Updated 3 years ago
- CVE-2021-1732 poc & exp; tested on 20H2☆67Updated 3 years ago
- A simple COM server which provides a component to run shellcode☆133Updated 4 years ago
- Beacon Object File (BOF) Creation Helper☆225Updated 2 years ago
- Exploring in-memory execution of .NET☆137Updated 2 years ago
- ☆50Updated 4 years ago
- Privilege Escalation Via RpcSs svc☆176Updated 3 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Updated 5 years ago
- Project to check which Nt/Zw functions your local EDR is hooking☆183Updated 4 years ago
- ☆94Updated 2 years ago
- Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs☆122Updated 2 years ago
- Yet another LSASS dumper☆76Updated 4 years ago
- Security Support Provider Interface☆46Updated 4 years ago
- My CobaltStrike BOFS☆162Updated 2 years ago
- Beacon.dll reverse☆139Updated 3 years ago