nixpal / shellsiloLinks
SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this tool, integrating strings into your shellcode and initializing Unicode strings has never been easier.
☆132Updated 8 months ago
Alternatives and similar repositories for shellsilo
Users that are interested in shellsilo are comparing it to the libraries listed below
Sorting:
- Adversary Emulation Framework☆121Updated 3 weeks ago
- Stage 0☆161Updated 7 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆203Updated 9 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆279Updated last month
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆169Updated 4 months ago
- Port of Cobalt Strike's Process Inject Kit☆181Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆188Updated 8 months ago
- Local & remote Windows DLL Proxying☆165Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆147Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump☆150Updated 10 months ago
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆153Updated last year
- ☆155Updated 7 months ago
- ☆188Updated 4 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆158Updated 3 weeks ago
- ☆140Updated 2 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆130Updated this week
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 4 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆185Updated 5 months ago
- ☆181Updated last month
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆120Updated 3 months ago
- Lateral Movement☆124Updated last year
- A Mythic agent for Windows written in C☆130Updated last week
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆140Updated 4 months ago
- A BOF to enumerate system process, their protection levels, and more.☆117Updated 8 months ago
- .NET Post-Exploitation Utility for Abusing Explicit Certificate Mappings in ADCS☆147Updated 5 months ago
- Lateral movement with DCOM DLL hijacking☆131Updated 3 weeks ago
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆119Updated last year
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆225Updated 2 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year