☆61Oct 24, 2025Updated 4 months ago
Alternatives and similar repositories for functionpeekaboo
Users that are interested in functionpeekaboo are comparing it to the libraries listed below
Sorting:
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Slides and resources from MCTTP 2025 Talk☆67Oct 26, 2025Updated 4 months ago
- Minimalistic HTTP(S) client for the NT kernel☆62Dec 1, 2025Updated 3 months ago
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 9 months ago
- sideloading PoC using onedrive.exe & version.dll☆93Oct 30, 2025Updated 4 months ago
- Using the peculiar behaviour of the VPGATHER instructions to determine if an address will fault before it is truly accessed. All done in …☆55Dec 30, 2025Updated 2 months ago
- ☆59Feb 19, 2026Updated last month
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.☆51Oct 19, 2025Updated 5 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆200Dec 30, 2025Updated 2 months ago
- ☆13Jan 21, 2019Updated 7 years ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa…☆116Oct 30, 2025Updated 4 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 10 months ago
- Process Injection using Thread Name☆307Apr 18, 2025Updated 11 months ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆65Jan 5, 2026Updated 2 months ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- Static Encrypt is an crate that encrypts string literals at compile time and only decrypted at runtime when needed.☆58Jan 17, 2026Updated 2 months ago
- a BOF implementation of various registry persistence methods☆95Nov 11, 2025Updated 4 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆129Jan 28, 2026Updated last month
- ☆56Mar 13, 2026Updated last week
- Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method…☆15Updated this week
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆69Jan 19, 2026Updated 2 months ago
- Educational proof-of-concept demonstrating DEP/NX bypass using hardware breakpoints, vectored exception handling, and instruction emulati…☆99Oct 17, 2025Updated 5 months ago
- A simple POC to show how to chain multiple callbacks via tail calls to artificially construct a call stack☆99Dec 22, 2025Updated 2 months ago
- ☆171Jan 1, 2026Updated 2 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆170May 17, 2023Updated 2 years ago
- ☆18Feb 29, 2024Updated 2 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- Audiodg.exe DLL hijacking for LPE with reboot-free restart primitive. Executes code as LOCAL SERVICE, escalates to SYSTEM via Scheduled T…☆89Jan 24, 2026Updated last month
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- A Rust template for writing Beacon Object Files (BOFs)☆113Feb 11, 2026Updated last month
- Prevent in-process process termination by patching exit APIs☆65Nov 9, 2025Updated 4 months ago
- Driver demonstrating how to register a DPC to asynchronously wait on an object☆50Jan 15, 2021Updated 5 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 2 months ago