raykaryshyn / FakeTLSLinks
Client/server code that impersonates TLS 1.3 to disguise C2 activity.
☆69Updated 2 years ago
Alternatives and similar repositories for FakeTLS
Users that are interested in FakeTLS are comparing it to the libraries listed below
Sorting:
- ☆50Updated 2 years ago
- An implementation of an indirect system call☆129Updated last year
- ☆166Updated 3 years ago
- Windows API Call Obfuscation☆106Updated 2 years ago
- Load static-compiled PE from remote server.☆62Updated 3 years ago
- A basic C2 framework written in C☆60Updated 11 months ago
- It stinks☆102Updated 3 years ago
- bring your own vulnerable driver☆99Updated 2 years ago
- Building and Executing Position Independent Shellcode from Object Files in Memory☆156Updated 4 years ago
- DLL Hollowing PoC - Remote and Self shellcode injection☆80Updated 3 years ago
- ☆96Updated 3 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆67Updated 2 years ago
- ☆114Updated 2 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆217Updated 2 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- Beacon compiled using clang☆69Updated 2 years ago
- Evasive loader to bypass static detection☆58Updated last year
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆127Updated 3 years ago
- Windows Defender VDM lua collections☆47Updated 2 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆139Updated 3 years ago
- shellcode-loaders and beacon-loaders☆64Updated last year
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆103Updated 2 years ago
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode☆60Updated 4 years ago
- ☆142Updated 2 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆138Updated 2 years ago
- Simple windows rpc server for research purposes only☆82Updated 3 years ago
- The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/☆187Updated 2 years ago
- An Obfuscator-LLVM based mingw-w64 toolchain.☆40Updated 3 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆71Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆69Updated 2 years ago