Matryoshka loader is a tool that red team operators can leverage to generate shellcode for Microsoft Office document phishing payloads.
☆43May 24, 2021Updated 4 years ago
Alternatives and similar repositories for Matryoshka
Users that are interested in Matryoshka are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Trigen is a Python script which uses different combinations of Win32 function calls in generated VBA to execute shellcode.☆203Jul 2, 2017Updated 8 years ago
- ☆15Aug 17, 2023Updated 2 years ago
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- Collection of shellcode injection techniques packed in a D/Invoke weaponized DLL☆23Aug 27, 2022Updated 3 years ago
- SharpASM is a C# project that aims to automate ASM (i.e. shellcode) execution in .NET programs by exploiting code caves in RWX sections a…☆59May 23, 2022Updated 3 years ago
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Collection of tools to use with Azure Applications☆113Oct 13, 2023Updated 2 years ago
- load dumped csharp binaries as assemblies and launch them in memory☆28Feb 9, 2024Updated 2 years ago
- ☆93Aug 23, 2021Updated 4 years ago
- A C# implementation of dumping credentials from Windows Credential Manager☆62Sep 23, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- ☆210Nov 28, 2023Updated 2 years ago
- .NET tool used to enrich RPC telemetry☆101Jan 24, 2026Updated 2 months ago
- Word resources for phishing. Includes "Click Enable Content" bait and decoy document deployment.☆22May 16, 2018Updated 7 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Macro-Enabled Excel File Generator (.xlsm) using the EPPlus Library.☆148Sep 7, 2020Updated 5 years ago
- A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…☆275May 3, 2023Updated 2 years ago
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆103Jan 7, 2022Updated 4 years ago
- LoadLibrary for offensive operations☆33Dec 14, 2021Updated 4 years ago
- LittleCorporal: A C# Automated Maldoc Generator☆227Jul 30, 2021Updated 4 years ago
- Dump protected files (SAM,SYSTEM,SECURITY) by parsing the raw NTFS partition☆40Nov 11, 2025Updated 4 months ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- POC tool to convert CobaltStrike BOF files to raw shellcode☆221Nov 5, 2021Updated 4 years ago
- C# havoc implant☆100Feb 12, 2023Updated 3 years ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- AmsiScanBufferBypass using D/Invoke☆136Jun 17, 2021Updated 4 years ago
- Citrix Phishlet☆24Feb 2, 2021Updated 5 years ago
- My implementation of the GIUDA project in C++☆189Jul 25, 2023Updated 2 years ago
- TCP Port Redirection Utility☆767Jan 31, 2023Updated 3 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆300Sep 28, 2021Updated 4 years ago
- Self Delete DLL☆22Feb 15, 2024Updated 2 years ago
- YouTube/Livestream project for obfuscating C# source code using Roslyn☆129May 9, 2021Updated 4 years ago
- Sleep obfuscation in golang based on ekko☆14Jan 16, 2024Updated 2 years ago
- ☆14Jul 26, 2025Updated 8 months ago
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆309Dec 9, 2023Updated 2 years ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- C# Implementation of the Hell's Gate VX Technique☆216Jun 30, 2020Updated 5 years ago
- Enumerate Domain Users Without Authentication☆282Apr 22, 2025Updated 11 months ago
- ☆39Sep 25, 2023Updated 2 years ago
- Spoofing signatures in Office Open XML Documents (Word, Excel, Powerpoint)☆26Nov 19, 2022Updated 3 years ago
- Proof of concept Beacon Object File (BOF) that uses static x64 syscalls to perform a complete in memory dump of a process and send that b…☆244Jul 14, 2021Updated 4 years ago