qigpig / Ghosting-BOF
主要用于隐藏进程真实路径,进程带windows真签名
☆111Updated 6 months ago
Alternatives and similar repositories for Ghosting-BOF:
Users that are interested in Ghosting-BOF are comparing it to the libraries listed below
- Red team tool designed for quickly identifying hijackable programs, evading antivirus software, and EDR (Endpoint Detection and Response)…☆66Updated last month
- This is a third party agent for Havoc C2 written in golang.☆57Updated last year
- 集权利用工具☆55Updated last month
- Binary Hollowing☆73Updated 7 months ago
- FTP lnk调用pythonw程序,用于攻防钓鱼场景下免杀运行捆绑木马文件☆61Updated 7 months ago
- Confluence未授权添加管理员用户(CVE-2023-22515)漏洞利用工具☆107Updated last year
- 根据攻防以及域信息收集经验dump快而有用的域信息☆104Updated last year
- 通过websocket在IIS8(Windows Server 2012)以上实现socks5代理☆86Updated last year
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆127Updated last year
- 域内普通域用户权限查找域内所有计算机上登录的用户☆149Updated 2 years ago
- impacket编程手册☆104Updated last year
- Cobalt Strike BOF that Add a user to localgroup by samr☆129Updated 2 years ago
- mssqlproxy python3.5+ 并修复bug☆63Updated 2 years ago
- cobaltstrike的BypassUAC、提权dll插件☆81Updated 4 months ago
- ☆43Updated 4 months ago
- Zerologon exploit with restore DC password automatically☆133Updated last year
- 重构Beacon☆153Updated 8 months ago
- 收集云沙箱上线C2的ip,如微X、奇XX、3X0、virustX等☆123Updated last year
- 绕过defender的完整项目☆33Updated last year
- Zerologon自动化脚本☆88Updated last year
- 通过端口复用直接进行正向socks5代理(非防火墙分流)☆105Updated 4 months ago
- Cobalt Strike 二开项目☆182Updated 2 years ago
- ☆33Updated last year
- Hidedump:a lsassdump tools that may bypass EDR☆50Updated 11 months ago
- Shellcode Reductio Entropy Tools☆66Updated last year
- 利用EFSRPC协议批量探测出网☆65Updated last year
- 基于个人习惯使用C/C++的shellcode开发项目模板☆36Updated 8 months ago
- ☆11Updated last year
- ☆49Updated last year
- 通过C/C++实现的 Windows RID Hijacking persistence technique (RID劫持 影子账户 账户克隆).☆76Updated 3 years ago