raykaryshyn / FakeTLS
Client/server code that impersonates TLS 1.3 to disguise C2 activity.
☆58 Updated 2 years ago
Related projects:
- ☆100 Updated this week
- Load static-compiled PE from remote server. ☆56 Updated 2 years ago
- bring your own vulnerable driver ☆66 Updated last year
- ☆161 Updated 2 years ago
- Windows API Call Obfuscation ☆86 Updated last year
- C2 ☆70 Updated 2 weeks ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++ ☆102 Updated 3 years ago
- ☆97 Updated last year
- DLL Hollowing PoC - Remote and Self shellcode injection ☆68 Updated 2 years ago
- PoC: Rebuild A New Path Back to the Heaven's Gate (HITB 2021) ☆100 Updated 3 years ago
- ☆81 Updated 2 years ago
- ☆123 Updated 2 years ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption ☆79 Updated last year
- It stinks ☆99 Updated 2 years ago
- Minimal PoC developed as discussed in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html ☆123 Updated 2 years ago
- An implementation of an indirect system call ☆99 Updated last year
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space ☆120 Updated last year
- Exploring in-memory execution of .NET ☆130 Updated 2 years ago
- A basic C2 framework written in C ☆53 Updated 2 months ago
- ☆88 Updated this week
- a library that automates some clean syscalls to make it easier to implement ☆80 Updated last year
- Load and execute COFF files and Cobalt Strike BOFs in-memory ☆189 Updated 2 years ago
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode ☆57 Updated 3 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html ☆97 Updated 2 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer ☆50 Updated 3 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory ☆154 Updated 3 years ago
- ☆43 Updated 2 years ago
- Simple windows rpc server for research purposes only ☆81 Updated 2 years ago
- A nice process dumping tool ☆49 Updated 2 years ago
- ☆61 Updated this week