oh-az / NoArgs
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
☆150Updated 10 months ago
Alternatives and similar repositories for NoArgs:
Users that are interested in NoArgs are comparing it to the libraries listed below
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆145Updated 10 months ago
- ☆170Updated 4 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆192Updated 4 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆159Updated 3 months ago
- Continuous password spraying tool☆129Updated last week
- ☆142Updated 7 months ago
- A Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.☆110Updated last month
- Our Tips&Tricks☆111Updated 3 weeks ago
- A collection of Cobalt Strike Aggressor scripts.☆92Updated 3 years ago
- TeamServer and Client of Exploration Command and Control Framework☆110Updated this week
- Stage 0☆153Updated 2 months ago
- 「💀」Proof of concept on BYOVD attack☆155Updated 3 months ago
- ☆192Updated 11 months ago
- ☆207Updated 5 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆182Updated 3 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆184Updated last year
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆157Updated 2 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆250Updated 7 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆284Updated 3 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆147Updated 5 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 5 months ago
- A PoC for Early Cascade process injection technique.☆163Updated last month
- C or BOF file to extract WebKit master key to decrypt user cookie☆191Updated 10 months ago
- ☆165Updated last year
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆118Updated this week