nettitude / Tartarus-TpAllocInject

Related projects ⓘ

Alternatives and complementary repositories for Tartarus-TpAllocInject

• ipSlav / DirtyCLR
  An App Domain Manager Injection DLL PoC on steroids
  ☆161Updated 11 months ago
• ZERODETECTION / MSC_Dropper
  ☆126Updated 3 months ago
• Octoberfest7 / Secure_Stager
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆145Updated 3 weeks ago
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆145Updated 11 months ago
• securifybv / BOFRyptor
  ☆118Updated last year
• cpu0x00 / SharpReflectivePEInjection
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆148Updated 10 months ago
• Mr-Un1k0d3r / AMSI-ETW-Patch
  Patch AMSI and ETW
  ☆232Updated 6 months ago
• VoldeSec / PatchlessCLRLoader
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆278Updated last year
• rasta-mouse / CsWhispers
  Source generator to add D/Invoke and indirect syscall methods to a C# project.
  ☆170Updated 8 months ago
• VoldeSec / PatchlessInlineExecute-Assembly
  Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.
  ☆155Updated last year
• mansk1es / GhostFart
  ☆133Updated last year
• Octoberfest7 / DropSpawn_BOF
  CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
  ☆216Updated last year
• vxCrypt0r / AMSI_VEH
  A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…
  ☆148Updated 5 months ago
• naksyn / ModuleShifting
  Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…
  ☆108Updated last year
• passthehashbrowns / BOFMask
  ☆108Updated last year
• CICADA8-Research / COMThanasia
  A set of programs for analyzing common vulnerabilities in COM
  ☆154Updated 2 months ago
• realoriginal / titanldr-ng
  A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …
  ☆163Updated last year
• ewby / Mockingjay_BOF
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆149Updated last year
• OtterHacker / SetProcessInjection
  ☆142Updated last year
• som3canadian / Cloudflare-Redirector
  Just another C2 Redirector using CloudFlare.
  ☆78Updated 6 months ago
• Octoberfest7 / enumhandles_BOF
  ☆117Updated 2 months ago
• x42en / sysplant
  Your syscall factory
  ☆121Updated 2 months ago
• nettitude / ETWHash
  C# POC to extract NetNTLMv1/v2 hashes from ETW provider
  ☆250Updated last year
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆113Updated 4 months ago
• MayerDaniel / profiler-lateral-movement
  Lateral Movement via the .NET Profiler
  ☆76Updated 5 months ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆104Updated last year
• SaadAhla / AMSI_patch
  Patching AmsiOpenSession by forcing an error branching
  ☆144Updated last year
• itm4n / PPLrevenant
  Bypass LSA protection using the BYODLL technique
  ☆146Updated 2 months ago
• MzHmO / TGSThief
  My implementation of the GIUDA project in C++
  ☆159Updated last year