nixpal / shellsiloLinks
SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this tool, integrating strings into your shellcode and initializing Unicode strings has never been easier.
☆141Updated 2 months ago
Alternatives and similar repositories for shellsilo
Users that are interested in shellsilo are comparing it to the libraries listed below
Sorting:
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆207Updated last year
- Stage 0☆164Updated 10 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆175Updated 7 months ago
- Adversary Emulation Framework☆125Updated 3 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆193Updated 11 months ago
- Port of Cobalt Strike's Process Inject Kit☆188Updated 10 months ago
- ☆192Updated 7 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆209Updated last year
- NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into W…☆154Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆140Updated last year
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- ☆148Updated 5 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆190Updated 8 months ago
- Evasive Payload Delivery Server & C2 Redirector☆106Updated 2 months ago
- Local & remote Windows DLL Proxying☆165Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆166Updated 3 months ago
- ☆183Updated 4 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆96Updated 6 months ago
- Lateral Movement via Bitlocker DCOM interfaces & COM Hijacking☆356Updated 4 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆149Updated last year
- WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"☆120Updated last year
- Ghosting-AMSI☆219Updated 6 months ago
- The OUned project automating Active Directory Organizational Units ACL exploitation through gPLink poisoning☆147Updated last week
- A BOF to enumerate system process, their protection levels, and more.☆120Updated 11 months ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Updated 8 months ago
- ☆135Updated last month
- Windows Persistence IT-Security☆106Updated 7 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆126Updated last year
- Havoc C2 profile generator☆99Updated 3 months ago
- Webcam capture capability for Cobalt Strike as a BOF, with in-memory download options☆142Updated 7 months ago