r0keb / Windows-Kernel-ShellcodeLinks
Three different shellcode techniques on the Windows Kernel
☆13Updated 5 months ago
Alternatives and similar repositories for Windows-Kernel-Shellcode
Users that are interested in Windows-Kernel-Shellcode are comparing it to the libraries listed below
Sorting:
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆35Updated 2 years ago
- 32 bit process inject shellcode to 32 bit process and 64 bit process☆36Updated 2 years ago
- An implementation of an indirect system call☆131Updated 2 years ago
- Hide Port In Windows☆41Updated 11 months ago
- Windows Kernel Knowledge && Collect Resources on the wire && Nothing innovation by myself &&☆58Updated 2 weeks ago
- Stack integrity verification to Detect SleepMask or CallStack Spoofer☆37Updated 2 months ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆35Updated 3 years ago
- ☆41Updated 2 years ago
- 看起来叫BabyBypass,实际啥都会记一些☆16Updated 2 years ago
- Windows Defender VDM lua collections☆48Updated 2 years ago
- Beacon compiled using clang☆71Updated 2 years ago
- ☆57Updated 3 years ago
- ☆33Updated 2 years ago
- Check if your AV/EDR does inline hooking, displays the hooked functions and allows you to compare them with the original ones.☆35Updated 5 months ago
- DiagTrack Eop (From Service Account to SYSTEM)☆23Updated 2 years ago
- Evasive loader to bypass static detection☆59Updated last year
- A work in progress of constructing a minimal http(s) beacon for Cobalt Strike.☆25Updated 3 years ago
- BOF implementations of CVE-2024-26229 for Cobalt Strike and BruteRatel☆26Updated last year
- shellcode-loaders and beacon-loaders☆70Updated last year
- Simulate per-process disconnection in red team environments☆110Updated 3 months ago
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines☆45Updated 2 years ago
- shellcode生成框架☆87Updated last year
- Detect BypassUAC using AMSI☆26Updated 7 months ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆42Updated 3 years ago
- 自用的shellcode生成框架☆32Updated 2 years ago
- This PoC uses two diferent technics for stealing the primary token from all running processes, showing that is possible to impersonate a…☆57Updated 3 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- ☆15Updated 2 years ago
- Beacon Debugger☆55Updated 11 months ago
- PoC for Acronis Arbitrary File Read - CVE-2022-45451☆18Updated 2 years ago