Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code
☆24Mar 13, 2023Updated 2 years ago
Alternatives and similar repositories for WinSpoof
Users that are interested in WinSpoof are comparing it to the libraries listed below
Sorting:
- ☆15Feb 9, 2022Updated 4 years ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆66Aug 29, 2023Updated 2 years ago
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Tool to enumerate unregistered reply URLs for single and multitenant apps in Azure☆15Jan 23, 2025Updated last year
- ELF Beacon Object File (BOF) Template☆19Nov 18, 2024Updated last year
- ☆17Aug 25, 2022Updated 3 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- ☆20Mar 21, 2024Updated last year
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- A collection of (even more) alternative shellcode callback methods in CSharp☆81Oct 26, 2024Updated last year
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- ☆16May 15, 2021Updated 4 years ago
- Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security☆16May 21, 2023Updated 2 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- A framework for backdooring Microsoft Nuget packages.☆10Jan 9, 2024Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 3 years ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- SharePoint Security Auditor☆21Jan 16, 2016Updated 10 years ago
- Yet, Another Packer/Loader☆25Feb 26, 2023Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Pipeleek scans CI/CD logs and artifacts to detect leaked secrets and pivot from them☆19Updated this week
- C# havoc implant☆100Feb 12, 2023Updated 3 years ago
- ☆22Sep 25, 2022Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- SMB Named Pipe shell☆69Nov 19, 2024Updated last year
- A tool to exchange decryption keys for command and control (C2) beacons and implants through DNS records.☆40Jan 7, 2023Updated 3 years ago
- This repository is a collection of my malicious VBA projects.☆119Feb 13, 2021Updated 5 years ago
- ☆10Jan 4, 2015Updated 11 years ago
- Simple POC of Voice C2 using Speech Recognition☆13Apr 27, 2022Updated 3 years ago
- Dll hijack -- just one macro☆12Jul 3, 2023Updated 2 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- ☆12Feb 23, 2015Updated 11 years ago