Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
☆24Mar 13, 2023Updated 3 years ago
Alternatives and similar repositories for WinSpoof
Users that are interested in WinSpoof are comparing it to the libraries listed below
Sorting:
- ☆17Aug 25, 2022Updated 3 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- ☆15Feb 9, 2022Updated 4 years ago
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- ☆10Jan 4, 2015Updated 11 years ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- Monitor adapter, Fake DNS, Tunnel, and DHCP combined into one Windows Service☆12Apr 19, 2015Updated 10 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆81Oct 26, 2024Updated last year
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆19Updated this week
- A PE morphing tool that allows you to mimic one executable file to another.☆11Dec 6, 2023Updated 2 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- ☆20Mar 21, 2024Updated last year
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- all things awesome security☆14Jan 11, 2016Updated 10 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- SMB Named Pipe shell☆69Nov 19, 2024Updated last year
- ☆16May 15, 2021Updated 4 years ago
- A dsniff project using bro☆11Jan 25, 2016Updated 10 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading☆84Nov 21, 2022Updated 3 years ago
- Beacon Object File (BOF) for identifying dependent child services of a given parent.☆19Jun 20, 2025Updated 9 months ago