☆61Oct 24, 2025Updated 4 months ago
Alternatives and similar repositories for functionpeekaboo
Users that are interested in functionpeekaboo are comparing it to the libraries listed below
Sorting:
- Slides and resources from MCTTP 2025 Talk☆66Oct 26, 2025Updated 4 months ago
- ☆13Jan 21, 2019Updated 7 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆54Dec 30, 2025Updated 2 months ago
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆64Jan 19, 2026Updated last month
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Process Injection using Thread Name☆299Apr 18, 2025Updated 10 months ago
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 2 months ago
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- MuddyWater C2 framework research☆12Jun 28, 2023Updated 2 years ago
- ☆31Jul 26, 2024Updated last year
- ☆160Jan 1, 2026Updated last month
- Mythic C2 Agent written in x64 PIC C☆85Jan 29, 2025Updated last year
- Static Encrypt is an crate that encrypts string literals at compile time and only decrypted at runtime when needed.☆57Jan 17, 2026Updated last month
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Jan 15, 2021Updated 5 years ago
- Ghidra script which fully parses COFF files☆12Oct 18, 2024Updated last year
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆199Dec 30, 2025Updated 2 months ago
- Supporting PoCs and scripts for my talk "OverLAPS: Overriding LAPS Logic"☆22Oct 12, 2025Updated 4 months ago
- Find jmp gadgets for call stack spoofing.☆74Oct 1, 2025Updated 5 months ago
- An example reference design for a proposed BOF PE☆200Jan 23, 2026Updated last month
- Virtual Trust Level (VTL 1) secure call tracing☆102Feb 12, 2026Updated 2 weeks ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- ☆58Feb 19, 2026Updated last week
- Extract the SAM and SYSTEM hives using the Volume Shadow Copy (VSS) API. With exfiltration and XOR obfuscation options. Implemented in C#…☆339Feb 2, 2026Updated 3 weeks ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆128Jan 28, 2026Updated last month
- Vulnerabilities advisories and PoC☆18Nov 21, 2025Updated 3 months ago
- A set of programs for analyzing common vulnerabilities in COM☆248Sep 8, 2024Updated last year
- idk man this was the default github name☆35Apr 23, 2023Updated 2 years ago
- ☆31May 23, 2024Updated last year
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆115Oct 30, 2025Updated 4 months ago
- Create stealthy, inline, EPT-like hooks using SMAP and SMEP☆61Oct 19, 2024Updated last year
- A C++ proof of concept demonstrating the exploitation of Windows Protected Process Light (PPL) by leveraging COM-to-.NET redirection and …☆334Mar 6, 2025Updated 11 months ago
- A set of LLVM and GCC based plugins that perform code obfuscation.☆140Oct 20, 2025Updated 4 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆169May 17, 2023Updated 2 years ago
- ☆18Feb 29, 2024Updated 2 years ago