A Proof of Concept Rootkit Demonstrating Keylogging and Virtual File System (VFS) Capabilities
☆78Sep 21, 2022Updated 3 years ago
Alternatives and similar repositories for INTRACTABLEGIRAFFE
Users that are interested in INTRACTABLEGIRAFFE are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- ☆10Apr 19, 2026Updated 2 weeks ago
- ☆84Oct 18, 2022Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆244Sep 26, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- idk man this was the default github name☆35Apr 23, 2023Updated 3 years ago
- A small Aggressor script to help Red Teams identify foreign processes on a host machine☆86Jan 6, 2023Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- Take back control of Windows Code Integrity, no exploits or patching required! Requires that you control your own Platform Key (PK).☆52Aug 22, 2022Updated 3 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆310Feb 13, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 5 months ago
- A third-party Gopher Assassin for the Havoc Framework.☆45Jan 1, 2024Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 2 years ago
- ☆124May 12, 2021Updated 4 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆203Jun 6, 2024Updated last year
- Using fibers to run in-memory code.☆244Oct 19, 2023Updated 2 years ago
- It stinks☆103Apr 22, 2022Updated 4 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- Splitting and executing shellcode across multiple pages☆105Jun 8, 2023Updated 2 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Feb 28, 2023Updated 3 years ago
- Apply a divide and conquer approach to bypass EDRs☆287Oct 19, 2023Updated 2 years ago
- ☆224Oct 22, 2023Updated 2 years ago
- Shaco is a linux agent for havoc☆169Oct 25, 2023Updated 2 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 3 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- For when DLLMain is the only way☆431Oct 29, 2024Updated last year
- Enumerate various traits from Windows processes as an aid to threat hunting☆202Jan 13, 2022Updated 4 years ago
- XOR decrypting shellcode using the GPU with OpenCL. Original PoC adopted by e.g. CoffeeLoader, GpuGate.☆123May 22, 2025Updated 11 months ago
- Deploy open-source AI quickly and easily - Special Bonus Offer • AdRunpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
- ManageEngine ADManager Command Injection☆11Oct 2, 2023Updated 2 years ago
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆180Feb 10, 2023Updated 3 years ago
- A spiritual .NET equivalent to the Gargoyle memory scanning evasion technique☆52Dec 6, 2018Updated 7 years ago
- Load a dynamic library from memory using a fuse mount☆33Sep 15, 2023Updated 2 years ago
- A PoC tool for exploiting leaked process and thread handles☆34Feb 13, 2024Updated 2 years ago
- Serverless Redirector in various cloud vendor for red team☆73Dec 8, 2022Updated 3 years ago
- Remote code execution in Power Platform connectors via JSON deserialization☆23Mar 30, 2023Updated 3 years ago