oh-az / NoArgs
NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
☆150Updated 9 months ago
Alternatives and similar repositories for NoArgs:
Users that are interested in NoArgs are comparing it to the libraries listed below
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆193Updated 8 months ago
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆185Updated 3 months ago
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆180Updated last year
- ☆164Updated 3 months ago
- Continuous password spraying tool☆126Updated this week
- PoC for using MS Windows printers for persistence / command and control via Internet Printing☆144Updated 9 months ago
- ☆138Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆172Updated 2 months ago
- An interactive shell to spoof some LOLBins command line☆182Updated last year
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆156Updated 2 months ago
- 「💀」Proof of concept on BYOVD attack☆154Updated 2 months ago
- Tool designed to find folder exclusions using Windows Defender using command line utility MpCmdRun.exe as a low privileged user, without …☆186Updated 4 months ago
- Extracting NetNTLM without touching lsass.exe☆233Updated last year
- Leverage WindowsApp createdump tool to obtain an lsass dump☆145Updated 4 months ago
- AV bypass while you sip your Chai!☆217Updated 8 months ago
- Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement☆158Updated 2 months ago
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆129Updated 3 months ago
- ☆138Updated 6 months ago
- A collection of Cobalt Strike Aggressor scripts.☆91Updated 3 years ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- Port of Cobalt Strike's Process Inject Kit☆165Updated 2 months ago
- ☆202Updated this week
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆55Updated 7 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 6 months ago
- Leak of any user's NetNTLM hash. Fixed in KB5040434☆251Updated 6 months ago
- Stage 0☆152Updated last month
- Python implementation of GhostPack's Seatbelt situational awareness tool☆240Updated 3 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆216Updated 2 months ago
- Just another C2 Redirector using CloudFlare.☆85Updated 9 months ago