oh-az / NoArgs
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
☆151Updated 10 months ago
Alternatives and similar repositories for NoArgs:
Users that are interested in NoArgs are comparing it to the libraries listed below
- Continuous password spraying tool☆170Updated 2 weeks ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆147Updated last week
- ☆170Updated 4 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆145Updated 10 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆192Updated 5 months ago
- 「💀」Proof of concept on BYOVD attack☆155Updated 3 months ago
- TeamServer and Client of Exploration Command and Control Framework☆110Updated this week
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆158Updated 3 months ago
- Leverage WindowsApp createdump tool to obtain an lsass dump☆147Updated 6 months ago
- A collection of Cobalt Strike Aggressor scripts.☆92Updated 3 years ago
- AV bypass while you sip your Chai!☆218Updated 10 months ago
- A shellcode injection tool showcasing various process injection techniques☆134Updated last year
- An interactive shell to spoof some LOLBins command line☆184Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆289Updated last year
- Extracting NetNTLM without touching lsass.exe☆235Updated last year
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆159Updated 3 months ago
- Evasive Golang Loader☆129Updated 7 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 5 months ago
- Havoc C2 profile generator☆73Updated 4 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 7 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆250Updated 7 months ago
- ☆144Updated 7 months ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions☆287Updated 4 months ago
- ☆193Updated 11 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆182Updated 3 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆184Updated last year
- C# AV/EDR Killer using less-known driver (BYOVD)☆172Updated last year