Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe
☆13Dec 11, 2023Updated 2 years ago
Alternatives and similar repositories for RunspaceLoader
Users that are interested in RunspaceLoader are comparing it to the libraries listed below
Sorting:
- This repository will contain source codes from the Tradecraft improvement blog series☆14Mar 27, 2025Updated 11 months ago
- Hundred Days of Yara Challenge☆12Jun 21, 2022Updated 3 years ago
- Run payload like a Lazarus Group (UuidFromStringA). C++ implementation☆20Jul 24, 2022Updated 3 years ago
- Lite version of my Gatekeeper backdoor for public use.☆52Nov 15, 2021Updated 4 years ago
- ☆58Feb 16, 2025Updated last year
- Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)☆57Jun 15, 2025Updated 8 months ago
- Check for NotProxyShell CVE-2022-40140 & CVE-2022-41082☆26Oct 2, 2022Updated 3 years ago
- ☆27Jun 3, 2023Updated 2 years ago
- FFXI Gearswap Lua for the impaired☆10Feb 2, 2026Updated 3 weeks ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆50Jul 6, 2025Updated 7 months ago
- Windows C++ Implant for Exploration C2☆44Jan 26, 2026Updated last month
- RCE PoC for Empire C2 framework <5.9.3☆28Feb 24, 2024Updated 2 years ago
- This project will guide yout to awareness of injection in almost every window API and process.☆24Mar 30, 2022Updated 3 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆72May 14, 2022Updated 3 years ago
- Accelerating the collection, processing, analysis and outputting of digital forensic artefacts.☆32Nov 23, 2025Updated 3 months ago
- Windows Thread Pool Injection Havoc Implementation☆33Mar 23, 2024Updated last year
- ☆30Nov 7, 2022Updated 3 years ago
- From C to binary shellcode converter.☆55Nov 11, 2025Updated 3 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- A powershell module for hiding payloads in the pixels of images☆79Jul 6, 2024Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆240Jun 22, 2023Updated 2 years ago
- CVE-2025-24016: Wazuh Unsafe Deserialization Remote Code Execution (RCE)☆42Feb 19, 2025Updated last year
- Windows Signature Thief is a program designed to steal the digital signature of one file and install it on another.☆21Dec 9, 2025Updated 2 months ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- EvilMist is a collection of scripts and utilities designed to support cloud penetration testing & red teaming. The toolkit helps identify…☆123Updated this week
- Vulnerable by Design AWS Cloud Development Kit (CDK) Infrastructure☆49Dec 29, 2023Updated 2 years ago
- execute PE in memory Filelessly☆51Feb 8, 2025Updated last year
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- Utility to craft HTML or SVG smuggled files for Red Team engagements☆245Mar 19, 2024Updated last year
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆97Aug 27, 2023Updated 2 years ago
- PoC for CVE-2022-22954 - VMware Workspace ONE Access Freemarker Server-Side Template Injection☆10Apr 12, 2022Updated 3 years ago
- Apache Struts2 S2-062远程代码执行漏洞(CVE-2021-31805) | 反弹Shell☆11Apr 18, 2022Updated 3 years ago
- An isolated environment for DNS cache poisoning attack investigation and demonstration.☆10Nov 22, 2020Updated 5 years ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Challenge 1 of The Auror Project - Setup AD Lab automatically☆12Apr 26, 2022Updated 3 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Apr 16, 2022Updated 3 years ago
- PowerShell tool to enumerate existing exclusions in Windows Defender as low privileged user☆11Oct 14, 2024Updated last year
- ☆10Jul 1, 2023Updated 2 years ago
- An advanced AI-driven vulnerability scanner and penetration testing tool that integrates multiple AI providers (OpenAI, Grok, OLLAMA, Cla…☆34Nov 7, 2025Updated 3 months ago