A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
☆39Aug 8, 2022Updated 3 years ago
Alternatives and similar repositories for CustomXMLPart
Users that are interested in CustomXMLPart are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆91Dec 15, 2022Updated 3 years ago
- API Hammering with C++20☆51Jul 21, 2022Updated 3 years ago
- ☆29May 10, 2024Updated last year
- Use GZip to compress your .NET assemblies for loading with AssemblyResolve.☆20Apr 11, 2014Updated 12 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆25May 19, 2022Updated 3 years ago
- AI Agents on DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- C code to enable ETW tracing for Dotnet Assemblies☆32Aug 12, 2022Updated 3 years ago
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- ☆170Jan 7, 2022Updated 4 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- ☆111Feb 17, 2025Updated last year
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆31Jan 30, 2025Updated last year
- Event Data Collector☆40Mar 23, 2026Updated last month
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts wa…☆1,070Oct 14, 2025Updated 6 months ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆91Nov 24, 2022Updated 3 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Living Off the Foreign Land setup scripts☆75Feb 26, 2025Updated last year
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- PoC for detecting and evading ETW detection of .Net Assembly.Load☆21Aug 26, 2020Updated 5 years ago
- Playing with PE's and Building Structures by Hand☆22Apr 21, 2022Updated 4 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 3 years ago
- ☆124Oct 9, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Hookers are cooler than patches.☆170Jan 21, 2022Updated 4 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆36Dec 1, 2025Updated 4 months ago
- Visual Basic Code universal Obfuscator intended to be used during penetration testing assignments.☆149Dec 13, 2021Updated 4 years ago
- A Python script that embeds Target VBS into LNK and when executed runs the VBS script from within.☆33Dec 5, 2022Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- Classic Bofa adapted to CobaltStrike.☆11Oct 4, 2022Updated 3 years ago
- Self Delete DLL☆22Feb 15, 2024Updated 2 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆17Sep 29, 2018Updated 7 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Generate password spraying lists based on the pwdLastSet-attribute of users.☆55Dec 6, 2023Updated 2 years ago
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆139Dec 20, 2022Updated 3 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Dec 6, 2018Updated 7 years ago
- Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality☆287Jun 26, 2023Updated 2 years ago
- .NET/PowerShell/VBA Offensive Security Obfuscator☆521Feb 1, 2024Updated 2 years ago
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆366Mar 2, 2024Updated 2 years ago
- Remove API hooks from a Beacon process.☆14Sep 18, 2021Updated 4 years ago