A Crystal Palace shared library to resolve & perform syscalls
☆56Oct 29, 2025Updated 4 months ago
Alternatives and similar repositories for LibGate
Users that are interested in LibGate are comparing it to the libraries listed below
Sorting:
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 10 months ago
- A PoC UDRL for Cobalt Strike built with Crystal Palace that combines Raphael Mudge's page streaming technique with a modular call gate (D…☆93Jan 21, 2026Updated last month
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 10 months ago
- CLI Search for Security Operators of MITRE ATT&CK URLs☆17Jan 5, 2023Updated 3 years ago
- ☆54Oct 13, 2025Updated 4 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 10 months ago
- Attack Active Directory Trusts with a single tool☆14Jan 15, 2025Updated last year
- Evasion kit for Cobalt Strike☆30Jan 16, 2026Updated last month
- ☆50Jun 4, 2025Updated 8 months ago
- arm64 linux position-independent shellcode framework☆30Dec 12, 2025Updated 2 months ago
- Cobalt Strike BOF to freeze EDR/AV processes and dump LSASS using WerFaultSecure.exe PPL bypass☆115Jan 29, 2026Updated last month
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 8 months ago
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- A Mythic agent for Windows written in C☆158Updated this week
- Validates priv escalation of AD trusts☆48Apr 1, 2025Updated 11 months ago
- ☆31Jul 26, 2024Updated last year
- Find world writable directories that contain a .exe or .dll file☆13Aug 31, 2021Updated 4 years ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- Lateral Movement Bof with MSI ODBC Driver Install☆144Sep 30, 2025Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Proof-of-Concept to evade auditd by tampering via ptrace☆19Aug 3, 2023Updated 2 years ago
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Fast covert timing channel communication for inter-process and inter-processor communication on Windows systems.☆68Nov 15, 2025Updated 3 months ago
- Local SYSTEM auth trigger for relaying - X☆155Jul 23, 2025Updated 7 months ago
- ☆139Jan 16, 2025Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 8 months ago
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux☆66Dec 15, 2025Updated 2 months ago
- ☆47Dec 5, 2025Updated 2 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆221Jun 4, 2025Updated 8 months ago
- COM-based DLL Surrogate Injection☆142Dec 9, 2025Updated 2 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- ☆51Jun 28, 2025Updated 8 months ago
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated last year
- AppLocker-Based EDR Neutralization☆321Dec 19, 2025Updated 2 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- tsh多终端代理通信☆19Feb 26, 2025Updated last year