plackyhacker / Peruns-FartLinks
Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.
☆111Updated 3 years ago
Alternatives and similar repositories for Peruns-Fart
Users that are interested in Peruns-Fart are comparing it to the libraries listed below
Sorting:
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆86Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR☆102Updated 4 years ago
- RDPThief donut shellcode inject into mstsc☆87Updated 4 years ago
- DynamicSyscalls is a library written in .net resolves the syscalls dynamically (Has nothing to do with hooking/unhooking)☆66Updated 2 years ago
- Convert shellcode generated using pe_2_shellcode to cdb format.☆97Updated 3 years ago
- Weaponizing for privileged file writes bugs with PrintNotify Service☆134Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- .NET project for installing Persistence☆63Updated 3 years ago
- ☆67Updated 3 years ago
- Rewrote HellsGate in C# for fun and learning☆86Updated 3 years ago
- .NET implementation of Cobalt Strike's External C2 Spec☆86Updated 3 years ago
- Pseudorandom AES-256 encryption designed to protect shellcode and arbitrary strings. C# and C/C++ compatible.☆102Updated 3 years ago
- SLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#☆65Updated last year
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 3 years ago
- ☆57Updated 4 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆97Updated 3 years ago
- Cobalt Strike BOF that uses a custom ASM HalosGate & HellsGate syscaller to return a list of processes☆108Updated 2 years ago
- Pass the Hash to a named pipe for token Impersonation☆144Updated 4 years ago
- ☆71Updated 4 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆119Updated 5 years ago
- AmsiHook is a project I created to figure out a bypass to AMSI via function hooking.☆66Updated 5 years ago
- ☆94Updated 3 years ago
- Collection of CobaltStrike beacon object files☆104Updated 3 years ago
- UUID based Shellcode loader for your favorite C2☆86Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆85Updated 2 years ago
- Using syscall to load shellcode, Evasion techniques☆27Updated 4 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- DLL Hijack Search Order Enumeration BOF☆149Updated 3 years ago
- A BOF port of the research of @thefLinkk and @codewhitesec☆98Updated 3 years ago