Simple windows rpc server for research purposes only
☆83May 29, 2022Updated 3 years ago
Alternatives and similar repositories for Windows-RPC-Backdoor
Users that are interested in Windows-RPC-Backdoor are comparing it to the libraries listed below
Sorting:
- A basic emulation of an "RPC Backdoor"☆242Aug 25, 2022Updated 3 years ago
- Kill Protected Process Light Process (include av)☆58Sep 15, 2023Updated 2 years ago
- ☆26Dec 29, 2021Updated 4 years ago
- ☆23May 28, 2021Updated 4 years ago
- 一个基于DNS隧道的简单C2☆61Jul 19, 2022Updated 3 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- Windows NTLM Authentication Backdoor☆241Jan 15, 2025Updated last year
- Cobalt Strike Malleable Profile Inline Patch Template: A Position Independent Code (PIC) Code Template For Creating Shellcode That Can Be…☆42Sep 3, 2020Updated 5 years ago
- C# Port of LdapRelayScan☆91Nov 26, 2025Updated 3 months ago
- Simple PoCs for utilizing Windows syscalls in Go☆16Jan 13, 2021Updated 5 years ago
- ☆16Nov 23, 2021Updated 4 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆96Mar 20, 2023Updated 2 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆220Nov 5, 2021Updated 4 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆87Mar 22, 2023Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆88Jun 24, 2022Updated 3 years ago
- Aggressorscript that turns the headless aggressor client into a (mostly) functional cobalt strike client.☆147Sep 8, 2022Updated 3 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 2 years ago
- ☆152Jan 6, 2023Updated 3 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆195Jun 18, 2024Updated last year
- havoc2nginx is a simple python script that converts Havoc Framework's yaotl malleable c2 profile to Nginx configuration file format. Most…☆12May 8, 2023Updated 2 years ago
- A small NtCreateUserProcess PoC that spawns a Command prompt.☆102Aug 25, 2022Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Mar 8, 2023Updated 2 years ago
- DLL Hijack Search Order Enumeration BOF☆149Nov 3, 2021Updated 4 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- ☆55Sep 13, 2022Updated 3 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- ☆383Jan 19, 2023Updated 3 years ago
- ☆313May 16, 2022Updated 3 years ago
- IAT-Obfuscation to make static analysis of executable harder.☆44Sep 6, 2021Updated 4 years ago
- ☆72Aug 2, 2022Updated 3 years ago
- A Combination LSASS Dumper and LSASS Parser. All Credit goes to @slyd0g and @cube0x0.☆151Nov 21, 2021Updated 4 years ago
- A simple program to hook the current process to identify the manual syscall executions on windows☆265Nov 18, 2022Updated 3 years ago
- Killing your preferred antimalware by abusing native symbolic links and NT paths.☆358Jan 29, 2022Updated 4 years ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆140Sep 12, 2022Updated 3 years ago
- Collection of extracted Microsoft Defender data for security research purposes☆233Jun 23, 2022Updated 3 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- 利用NTLM Hash读取Exchange邮件☆58May 13, 2023Updated 2 years ago