Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload execution.
☆51Nov 2, 2025Updated 4 months ago
Alternatives and similar repositories for Self-Cleaning-PICO-Loader
Users that are interested in Self-Cleaning-PICO-Loader are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- adws enumeration bof☆169Feb 16, 2026Updated last month
- ☆65Dec 19, 2024Updated last year
- A Windows tool that converts LDIF files to BloodHound CE☆31Dec 20, 2025Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- A proof of concept AMSI & ETW bypass using trampolines for hooking and modifying execution flow☆18Jun 26, 2025Updated 8 months ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 7 months ago
- ☆101Oct 7, 2023Updated 2 years ago
- IronPE is a Windows PE manual loader written in Rust for both x86 and x64 PE files.☆91Mar 10, 2026Updated 2 weeks ago
- PowerShell implementation for AD CS☆116Mar 2, 2026Updated 3 weeks ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆230Sep 19, 2025Updated 6 months ago
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 4 months ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆41Nov 4, 2025Updated 4 months ago
- A different approach to writing BOFs in rust.☆20Aug 20, 2025Updated 7 months ago
- User-Defined C2 BOF Template☆30Nov 24, 2025Updated 4 months ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- List web account manager (WAM) accounts added to the current profile☆24Dec 11, 2025Updated 3 months ago
- ☆26Aug 5, 2025Updated 7 months ago
- SysCalling is an educational project demonstrating state-of-the-art syscall execution techniques for bypassing user-space EDR controls in…☆14Dec 8, 2024Updated last year
- a BOF implementation of various registry persistence methods☆96Nov 11, 2025Updated 4 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 6 months ago
- Ludus roles to deploy ASR rules and MDI auditing settings☆24Aug 5, 2025Updated 7 months ago
- Novel Windows process injection: assembles existing open handles (process & thread), natural RWX regions, and special user APC (NtQueueAp…☆67Feb 17, 2026Updated last month
- ☆54Oct 13, 2025Updated 5 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Submission, compilation and execution of C# code snippets, using an unmanaged CLR Host☆53Jan 29, 2015Updated 11 years ago
- ☆20Sep 6, 2025Updated 6 months ago
- BOF template with boflink and mutator kit support☆49Jan 8, 2026Updated 2 months ago
- ☆21Feb 22, 2025Updated last year
- Show the time in Roman Numerals☆11Jan 23, 2020Updated 6 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- ☆37Dec 4, 2025Updated 3 months ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆267Oct 16, 2024Updated last year
- Red Team Coin for crypto-mining operations.☆23Mar 1, 2026Updated 3 weeks ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 6 months ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- Generate AES128/256 Kerberos keys for an AD account using a plaintext password and Python3☆81Jun 1, 2022Updated 3 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆28Apr 13, 2025Updated 11 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆310Mar 31, 2025Updated 11 months ago
- This contains a number of examples demonstrating how to use callback functions in supported aggressor script functions☆38Mar 17, 2025Updated last year