raykaryshyn / FakeTLSLinks
Client/server code that impersonates TLS 1.3 to disguise C2 activity.
☆71Updated 3 years ago
Alternatives and similar repositories for FakeTLS
Users that are interested in FakeTLS are comparing it to the libraries listed below
Sorting:
- It stinks☆102Updated 3 years ago
- Simple windows rpc server for research purposes only☆83Updated 3 years ago
- An implementation of an indirect system call☆130Updated 2 years ago
- ☆50Updated 3 years ago
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode☆60Updated 4 years ago
- ☆166Updated 3 years ago
- ☆100Updated 3 years ago
- bring your own vulnerable driver☆110Updated 2 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆142Updated 3 years ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆75Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆127Updated 3 years ago
- ☆147Updated 3 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆106Updated 4 years ago
- Exploring in-memory execution of .NET☆139Updated 3 years ago
- shellcode-loaders and beacon-loaders☆70Updated last year
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆105Updated 3 years ago
- ☆114Updated 2 years ago
- DLL Hollowing PoC - Remote and Self shellcode injection☆80Updated 3 years ago
- ☆56Updated 3 years ago
- A small PoC that creates processes in Windows☆185Updated last year
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆217Updated 2 years ago
- Exploitation of echo_driver.sys☆170Updated last year
- Building and Executing Position Independent Shellcode from Object Files in Memory☆158Updated 4 years ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆43Updated 3 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆71Updated 3 years ago
- Bypass UAC by abusing the Internet Explorer Add-on installer☆54Updated 4 years ago
- C++ WinRM API via Reflective DLL☆146Updated 3 years ago
- An Obfuscator-LLVM based mingw-w64 toolchain.☆41Updated 3 years ago
- ☆87Updated 2 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆139Updated 2 years ago