Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx
☆15Apr 26, 2021Updated 4 years ago
Alternatives and similar repositories for Sigma
Users that are interested in Sigma are comparing it to the libraries listed below
Sorting:
- ☆52Dec 11, 2019Updated 6 years ago
- Injects shellcode into remote processes using direct syscalls☆77Dec 30, 2020Updated 5 years ago
- Metamorphic Code Generator & Loader☆15Dec 7, 2020Updated 5 years ago
- Out-of-the-Box Tool to Obfuscate Excel XLS. Include Obfuscation & Hide for Cell Labels & BoundSheets☆48Aug 4, 2021Updated 4 years ago
- A simple PoC to demonstrate that is possible to write Non writable memory and execute Non executable memory on Windows☆52Jun 14, 2021Updated 4 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- Aggressor script to integrate Phant0m with Cobalt Strike☆27Jun 8, 2017Updated 8 years ago
- 寻找可注入进程☆13Jul 16, 2020Updated 5 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- inject shellcode into remote process via message hook☆15Oct 28, 2020Updated 5 years ago
- C# project to create or modify existing LNKs☆54Oct 18, 2022Updated 3 years ago
- An example of using Syscalls in C# to get a meterpreter shell.☆113Oct 7, 2021Updated 4 years ago
- Call your own DLL from VBA and execute code under process svchost.exe with WMI☆12Mar 6, 2020Updated 6 years ago
- I used this to see if an EDR is running in Safe Mode☆36Feb 13, 2021Updated 5 years ago
- Bypass UAC at any level by abusing the Task Scheduler and environment variables☆35Jul 12, 2021Updated 4 years ago
- Loading and executing shellcode in C# without PInvoke.☆22Jan 10, 2022Updated 4 years ago
- C++ implementation of DOUBLEPULSAR usermode shellcode. Yet another Reflective DLL loader.☆31Nov 9, 2021Updated 4 years ago
- Notes Template/Checklist for PEN-300 OSEP☆16Nov 20, 2021Updated 4 years ago
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 5 years ago
- Bypass UAC by abusing the Security Center CPL and hijacking a shell protocol handler☆30Jul 12, 2021Updated 4 years ago
- ☆26May 22, 2021Updated 4 years ago
- The repository that complements the From zero to hero: creating a reflective loader in C# workshop☆40Oct 6, 2021Updated 4 years ago
- Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.☆37Jan 23, 2020Updated 6 years ago
- Rewrote HellsGate in C# for fun and learning☆86Feb 10, 2022Updated 4 years ago
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆203Jul 2, 2017Updated 8 years ago
- A collection of Cobalt Strike Malleable C2 profiles☆36Oct 13, 2020Updated 5 years ago
- C# loader that copies a chunk at the time of the shellcode in memory, rather that all at once☆23Jul 14, 2022Updated 3 years ago
- Inject shellcode into process via "EarlyBird"☆26Aug 30, 2021Updated 4 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- .NET 4.0 Remote Desktop Manager Password Gatherer☆81Sep 29, 2020Updated 5 years ago
- A pure C version of SymProcAddress☆30Mar 17, 2024Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆109Jan 3, 2021Updated 5 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.☆79Feb 27, 2020Updated 6 years ago
- Using "svchost.exe -k ClipboardSvcGroup -p -s cbdhsvc" as trigger☆58Oct 7, 2020Updated 5 years ago
- Cheat sheets☆10Jul 4, 2016Updated 9 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆67Jun 14, 2020Updated 5 years ago
- An Ansible role to install cobalt-strike☆16Aug 24, 2020Updated 5 years ago
- Dynamically invoke arbitrary unmanaged code from managed code without P/Invoke.☆171Jan 25, 2024Updated 2 years ago
- Deobfuscation of XorStringsNet☆14Nov 5, 2024Updated last year