☆17Sep 17, 2025Updated 6 months ago
Alternatives and similar repositories for Zone
Users that are interested in Zone are comparing it to the libraries listed below
Sorting:
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated 10 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- Limited Windows PE linker (creating .exe from .obj and .dll files for x86 architecture)☆16Jun 15, 2019Updated 6 years ago
- IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files.☆77Mar 10, 2026Updated last week
- Files for http://blog.deniable.org/posts/windows-callbacks/☆12Jan 1, 2023Updated 3 years ago
- ☆59Feb 19, 2026Updated last month
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last month
- WinDbg plugin to trace module transitions from a debugged driver.☆46Dec 22, 2025Updated 2 months ago
- A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.☆15Apr 4, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆15Feb 13, 2024Updated 2 years ago
- Windows LPE Nday☆32Apr 26, 2024Updated last year
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- ☆10Sep 3, 2021Updated 4 years ago
- Beacon Debugger☆55Oct 28, 2024Updated last year
- This repository contains tips, tricks, and examples of aggressor script functions. The intent is to share bite size examples that can be …☆16Aug 12, 2025Updated 7 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆44Oct 11, 2025Updated 5 months ago
- Dumping LSA secrets: a story about task decorrelation☆14Jul 9, 2024Updated last year
- Implementing Ghostly-Hollowing using tampered syscalls for remote PE injection☆72Dec 26, 2025Updated 2 months ago
- Command Augmentation support for BOFs and .NET assemblies across agents☆42Mar 12, 2026Updated last week
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- A python metamorphic engine for PE/PE+ files.☆15Jan 1, 2023Updated 3 years ago
- ☆18Dec 1, 2024Updated last year
- MLOps Attack Toolkit☆31Aug 25, 2025Updated 6 months ago
- ☆12Sep 1, 2022Updated 3 years ago
- Docker container for running CobaltStrike 4.10☆38Sep 18, 2024Updated last year
- Remote administration toolkit for windows, based on Hidden VNC: file manager, keystroke logger, powershell☆38Nov 23, 2025Updated 3 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated last year
- A web assembly (WASM) phishing lure generator based on pre-built templates and written in Rust with some GenAI assistance. W.A.L.K. aims …☆101Sep 5, 2024Updated last year
- Dump processes over WMI with MSFT_MTProcess☆85Feb 13, 2026Updated last month
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆200Dec 30, 2025Updated 2 months ago
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆107Mar 10, 2025Updated last year
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated 2 years ago
- early cascade injection PoC based on Outflanks blog post☆239Nov 7, 2024Updated last year
- ☆17Sep 25, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- This repo contains EXPs about Vulnerable Windows Driver☆47May 22, 2024Updated last year
- Custom dyld version inherited from original Apple dyld implementation☆23Apr 27, 2024Updated last year