panagioto / SyscallHide
Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide.
☆74Updated 4 years ago
Related projects: ⓘ
- C++ implant that interfaces with a SK8PARK server☆47Updated 3 years ago
- Initial Commit of Coresploit☆55Updated 2 years ago
- A simple COM server which provides a component to run shellcode☆131Updated 4 years ago
- Suite of Shellcode Running Utilities☆105Updated 4 years ago
- Source code for HppDLL - local password dumping using MsvpPasswordValidate hooks☆1Updated 3 years ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆58Updated 5 years ago
- Sound Research SECOMN service Privilege Escalation (windows 10)☆39Updated 4 years ago
- Aggressor Script to Execute Assemblies from Github☆66Updated 3 years ago
- ☆53Updated 2 years ago
- ☆37Updated this week
- ReaCOM has got a lot of tools to use and is related to component object model☆73Updated 4 years ago
- ☆37Updated 5 years ago
- C++ POC code for the wlbsctrl.dll hijack on IKEEXT☆52Updated 5 years ago
- Python 3 server used to control SK8RAT implant☆34Updated 3 years ago
- A simple proof of concept for detecting use of Cobalt Strike's execute-assembly☆57Updated 2 years ago
- A script that can be deployed to Azure App for C2 / Proxy / Redirector☆35Updated 5 years ago
- ☆36Updated 6 years ago
- A C++ POC for process injection using NtCreateSectrion, NtMapViewOfSection and RtlCreateUserThread. Credit to @spotheplanet for his notes…☆41Updated 3 years ago
- External C2 Using IE COM Objects☆96Updated 5 years ago
- Demos of Donut used in conferences, etc. Mostly for my use, but free for others to use as a reference.☆30Updated 4 years ago
- A simple script to generate JScript code for calling Win32 API functions using XLM/Excel 4.0 macros via Excel.Application "ExecuteExcel4M…☆87Updated 4 years ago
- adding a backdooruser using win32api☆79Updated 4 years ago
- Credential Dumper☆74Updated 4 years ago
- MiniDumpWriteDump behavior modification hook☆49Updated 3 years ago
- Privesc through import of Sheduled tasks + Hardlinks - CVE-2019-1069☆34Updated 5 years ago
- A Powershell module including a couple of cmdlets for EWS Enum/Exploitation.☆17Updated 5 years ago
- Smart overlay for Cobalt Strike PS function☆30Updated 5 years ago
- ☆23Updated this week
- ☆57Updated this week
- AMSI Bypass Via the Heap☆105Updated 3 years ago