qi4L / Blackout-go
kill AV/EDR
☆21Updated last year
Related projects ⓘ
Alternatives and complementary repositories for Blackout-go
- more conveniently Visual-Studio-BOF-template☆53Updated last year
- vehsyscall:a syscall project that may bypass EDR☆46Updated 8 months ago
- Self Cleanup in post-ex job☆44Updated 2 months ago
- Binary Hollowing☆55Updated 2 months ago
- ☆27Updated last year
- Shellcode Reductio Entropy Tools☆63Updated last year
- ☆38Updated last year
- AddDefenderExclusions Beacon Object File☆31Updated last year
- A standalone/cmdline BOF runner implemented in pure Go and CGO.☆15Updated 10 months ago
- ☆29Updated last year
- Bypass EDR Create TaskServers☆34Updated last year
- Rust 重构的 sRDI☆11Updated 2 months ago
- Silently Install Chrome Extension For Persistence☆43Updated 4 months ago
- 免杀计划任务进行权限维持,过主流杀软。 A schtask tool bypass anti-virus☆66Updated 2 years ago
- 一个demo☆23Updated 7 months ago
- CobaltStrike4.5 Sleeve解密文件,搬砖加一点点修改, 仅作备份使用.☆30Updated 2 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆38Updated last year
- Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response)…☆59Updated 6 months ago
- Magical obfuscator, supports obfuscating EXE, BOF, and ShellCode.☆82Updated this week
- shellcode loader by c++,免杀,bypass,☆13Updated 2 years ago
- A Simple PoC☆19Updated 5 months ago
- Evasive loader to bypass static detection☆54Updated 10 months ago
- Enable RDP and set firewall by Windows API.☆19Updated 2 years ago
- Load shellcode via syscall☆47Updated 3 years ago
- Execute Remote Assembly with args passing and with AMSI and ETW patching .☆32Updated last year
- command execute without 445 port☆51Updated 2 years ago
- A Mimikatz For Only Extracting Login Passwords.(Bypasses Most AV's)☆59Updated 2 years ago
- ReturnGate, just like HellsGate.☆65Updated 2 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆67Updated last year
- Cobalt Strike BOF that Add a user to localgroup by samr☆123Updated last year