qigpig / Ghosting-BOFLinks
主要用于隐藏进程真实路径,进程带windows真签名
☆115Updated last year
Alternatives and similar repositories for Ghosting-BOF
Users that are interested in Ghosting-BOF are comparing it to the libraries listed below
Sorting:
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆137Updated last year
- Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术,不使用API进行主线程劫持,不使用PEB…☆83Updated 3 months ago
- 重构Beacon☆163Updated last year
- FTP lnk调用pythonw程序,用于攻防钓鱼场景下免杀运行捆绑木马文件☆73Updated last year
- 常用功能的DLL插件☆85Updated last month
- Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具☆110Updated 2 years ago
- 域内普通域用户权限查找域内所有计算机上登录的用户☆151Updated 2 years ago
- 根据攻防以及域信息收集经验dump快而有用的域信息☆102Updated 2 years ago
- mssqlproxy python3.5+ 并修复bug☆65Updated 2 years ago
- Zerologon exploit with restore DC password automatically☆141Updated last year
- 通过C/C++实现的 Windows RID Hijacking persistence technique (RID劫持 影子账户 账户克隆).☆85Updated 3 years ago
- Zerologon自动化脚本☆96Updated 2 years ago
- Hidedump:a lsassdump tools that may bypass EDR☆50Updated last year
- ☆36Updated 2 years ago
- 集权利用工具☆85Updated 8 months ago
- 快速Go建你的免杀项目☆25Updated last year
- Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response)…☆75Updated 8 months ago
- Callback Function Loader Implemented in Go☆140Updated last year
- ☆46Updated 11 months ago
- File entropy calculator - Golang☆29Updated last year
- A cross platform C2/post-exploitation framework☆49Updated 2 weeks ago
- 绕过defender的完整项目☆34Updated last year
- Go 代码混淆工具,使用 AST (抽象语法树) 技术实现跨文件的代码混淆,同时保证混淆后的代码可编译和可执行。☆38Updated 2 weeks ago
- 收集云沙箱上线C2的ip,如微X、奇XX、3X0、virustX等☆125Updated 2 years ago
- impacket编程手册☆105Updated 2 years ago
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆89Updated last year
- ☆27Updated 3 years ago
- Cobalt Strike BOF that Add a user to localgroup by samr☆131Updated 2 years ago
- ☆49Updated 2 years ago
- 基于个人习惯使用C/C++的shellcode开发项目模板☆48Updated last year