oh-az / NoArgs
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
☆151Updated last year
Alternatives and similar repositories for NoArgs:
Users that are interested in NoArgs are comparing it to the libraries listed below
- Continuous password spraying tool☆183Updated 2 months ago
- ☆171Updated 5 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆198Updated 6 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆148Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆198Updated 10 months ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆157Updated last month
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump☆148Updated 7 months ago
- ☆154Updated 9 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆189Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆164Updated 5 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆187Updated 5 months ago
- A collection of Cobalt Strike Aggressor scripts.☆95Updated 3 years ago
- Ghosting-AMSI☆159Updated last week
- 「💀」Proof of concept on BYOVD attack☆158Updated 5 months ago
- Stage 0☆159Updated 4 months ago
- Evasive Golang Loader☆131Updated 9 months ago
- Morpheus is a memory dumper that extracts lsass.exe in RAM and exfiltrates it via forged NTP packets. It uses RC4 encryption and Reed-Sol…☆92Updated last month
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 9 months ago
- TeamServer and Client of Exploration Command and Control Framework☆125Updated this week
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆301Updated last year
- ☆202Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆111Updated last year
- Chrome browser extension-based Command & Control☆132Updated 2 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆61Updated last week
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆255Updated 8 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆186Updated 2 months ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated last week
- ☆137Updated last year