paranoidninja/0xdarkvortex-red-team-ttps-part-2 external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

paranoidninja/0xdarkvortex-red-team-ttps-part-2

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/paranoidninja/0xdarkvortex-red-team-ttps-part-2)

Close

paranoidninja / 0xdarkvortex-red-team-ttps-part-2View on GitHubMore

• External links
• Readme badge

Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2

☆19Oct 8, 2020Updated 5 years ago

Alternatives and similar repositories for 0xdarkvortex-red-team-ttps-part-2

Users that are interested in 0xdarkvortex-red-team-ttps-part-2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• DanusMinimus / API-Hash

  View on GitHub
  API hashing written in C to load APIs indirectly using CRC32 hashing
  ☆15Jul 27, 2020Updated 5 years ago
• FuzzySecurity / AdvSim.Cryptography

  View on GitHub
  Simple and sane cryptographic wrapper library.
  ☆33Apr 21, 2023Updated 2 years ago
• mhaskar / MalleableC2-Profiles

  View on GitHub
  A collection of Cobalt Strike Malleable C2 profiles
  ☆36Oct 13, 2020Updated 5 years ago
• susMdT / fictional-invention

  View on GitHub
  idk man this was the default github name
  ☆35Apr 23, 2023Updated 2 years ago
• rasta-mouse / AsyncNamedPipes

  View on GitHub
  Send and receive messages over Named Pipes asynchronously.
  ☆39Sep 17, 2021Updated 4 years ago
• Wordpress hosting with auto-scaling on Cloudways • Ad
  Fully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
• S3cur3Th1sSh1t / SharpLigolo

  View on GitHub
  C# wrapper for ligolo
  ☆17Dec 9, 2021Updated 4 years ago
• D4rthMaulCop / DarthNetLoader

  View on GitHub
  ☆15Aug 17, 2023Updated 2 years ago
• cocomelonc / 2022-01-24-malware-injection-15

  View on GitHub
  Process injection via KernelCallbackTable
  ☆13Jan 28, 2022Updated 4 years ago
• m57 / cobaltstrike_bofs

  View on GitHub
  My CobaltStrike BOFS
  ☆167Jul 23, 2022Updated 3 years ago
• mgeeky / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆14Sep 18, 2021Updated 4 years ago
• rbmm / DirectSysCall

  View on GitHub
  ☆12Jul 2, 2023Updated 2 years ago
• tothi / malicious-service

  View on GitHub
  Minimal Windows Service Template for demonstrating privilege escalation via weak service executable permissions
  ☆14Nov 13, 2022Updated 3 years ago
• y11en / lm_tools

  View on GitHub
  横向移动三剑客 ( Lateral movement tools)
  ☆30Nov 16, 2021Updated 4 years ago
• mdsecactivebreach / functionpeekaboo

  View on GitHub
  ☆61Oct 24, 2025Updated 5 months ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• shantanu561993 / ParentProcessIDSpoof

  View on GitHub
  Spoof parent process ID
  ☆13Jan 23, 2019Updated 7 years ago
• RKX1209 / CVE-2019-1010298

  View on GitHub
  Proof of Concept of TrustZone exploit
  ☆16Aug 10, 2025Updated 7 months ago
• cocomelonc / 2022-05-02-malware-pers-3

  View on GitHub
  Malware persistence via COM DLL hijacking. C++ implementation example
  ☆13May 2, 2022Updated 3 years ago
• Cobalt-Strike / obfuscator-llvm

  View on GitHub
  ☆57Jan 15, 2024Updated 2 years ago
• d35ha / ShellInjector

  View on GitHub
  Execute an arbitrary command within the context of another process
  ☆21Jun 28, 2019Updated 6 years ago
• daevlin / Zero2Auto_homework

  View on GitHub
  Data from analysis of the custom sample from the chapter "Practical Analysis and Test"
  ☆12Aug 1, 2020Updated 5 years ago
• DoubleLabyrinth / ProcessHollowing

  View on GitHub
  ☆37May 9, 2019Updated 6 years ago
• paranoidninja / 0xdarkvortex-Reverse-Engineering

  View on GitHub
  This repo contains all the code that will be referred at https://scriptdotsh.com by Paranoid Ninja
  ☆47Jul 21, 2020Updated 5 years ago
• sneakerhax / C2PE

  View on GitHub
  Red Team C2 and Post Exploitation code
  ☆36Mar 10, 2026Updated 2 weeks ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
• killswitch-GUI / IsDebuggerPresent

  View on GitHub
  Debugger checks in 3 ways
  ☆19Jan 25, 2018Updated 8 years ago
• checkymander / sshiva

  View on GitHub
  C# application that allows you to quick run SSH commands against a host or list of hosts
  ☆42Sep 21, 2020Updated 5 years ago
• peta909 / NtCreateUserProcess_

  View on GitHub
  ☆13Jan 21, 2019Updated 7 years ago
• jackfrued / How-To-Ask-Questions-The-Smart-Way

  View on GitHub
  本文原文由知名 Hacker Eric S. Raymond 所撰寫，教你如何正確的提出技術問題並獲得你滿意的答案。
  ☆13Sep 25, 2020Updated 5 years ago
• api0cradle / AppLocker-Stuff

  View on GitHub
  Just some random stuff for AppLocker
  ☆18Jan 30, 2019Updated 7 years ago
• TRIKbranch / RunPE-X86--X64-

  View on GitHub
  With this RunPE you can easily inject your payload in any x86 or x64 program.
  ☆15Jun 3, 2019Updated 6 years ago
• XShar / simple_mutate_pe_x86

  View on GitHub
  Мутация PE x86
  ☆16Jun 2, 2019Updated 6 years ago
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆115Aug 29, 2022Updated 3 years ago
• Octoberfest7 / Mutants_Sessions_Self-Deletion

  View on GitHub
  Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.
  ☆129Apr 24, 2022Updated 3 years ago
• Proton VPN Special Offer - Get 70% off • Ad
  Special partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
• S4ntiagoP / freeBokuLoader

  View on GitHub
  A simple BOF that frees UDRLs
  ☆122May 29, 2022Updated 3 years ago
• vallejocc / PoC-Hide-Python-Malscript-UnicodeChars

  View on GitHub
  PoC showing how a potentially malicious script could be hidden, encrypted, into invisible unicode characters
  ☆15May 26, 2019Updated 6 years ago
• CCob / goreflect

  View on GitHub
  Reflective DLL loading of your favorite Golang program
  ☆173Jan 27, 2020Updated 6 years ago
• d35ha / RunPE

  View on GitHub
  An example of PE hollowing injection technique
  ☆26Jun 28, 2019Updated 6 years ago
• dtrizna / DInvoke_PoC

  View on GitHub
  Hardened Proof of Concept of D/Invoke Process Injection malware
  ☆42Jul 23, 2020Updated 5 years ago
• EspressoCake / DLL_Imports_BOF

  View on GitHub
  A BOF to parse the imports of a provided PE-file, optionally extracting symbols on a per-dll basis.
  ☆86Oct 28, 2021Updated 4 years ago
• jonaslyk / exploitkitpub

  View on GitHub
  ☆98Dec 9, 2021Updated 4 years ago