plackyhacker / DynamicEarlyBird
An example of using Dynamic Invoke to Inject Shellcode using the Early Bird Method.
☆12Updated 9 months ago
Related projects: ⓘ
- ProcessHollowing via csharp☆12Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆49Updated 2 years ago
- Unhook DLL via cleaning the DLL 's .text section☆9Updated 3 years ago
- Extracting Syscall Stub, Modernized☆60Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆51Updated 2 years ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆24Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆34Updated 9 months ago
- Implementation of SpoolSample without rDLL☆30Updated 3 years ago
- Beacon Object File to locate and suspend the threads hosting the Event Log service☆24Updated 2 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆40Updated last year
- Bypassing ETW with Csharp☆25Updated 2 years ago
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆47Updated 2 years ago
- Hide code from dnSpy and other C# spying tools☆40Updated 3 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 3 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆55Updated 11 months ago
- ☆21Updated 2 years ago
- Used to AES encrypt shellcode, can take password or use built in default should be used with Iron Injector to generate and execute shellc…☆15Updated 2 years ago
- Rewrite to fit my needs☆25Updated last month
- Beacon Object File implementation of Yaxser's Backstab☆13Updated 2 years ago
- Simple and sane compression wrapper library.☆17Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆76Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆82Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆28Updated last year
- Simple .NET loader for loading and executing Powershell payloads☆13Updated 2 years ago
- Execute shellcode with ZwCreateSection, ZwMapViewOfSection, ZwOpenProcess, ZwMapViewOfSection and ZwCreateThreadEx☆14Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆73Updated 2 years ago
- Encode shellcode into dictionary words for evasion and entropy reduction☆13Updated 2 months ago
- A C# Solution Source Obfuscator for avoiding AV signatures with minimal user interaction. Powered by the Roslyn C# library.☆69Updated 4 years ago