rbmm / ARL
☆23Updated 2 weeks ago
Alternatives and similar repositories for ARL:
Users that are interested in ARL are comparing it to the libraries listed below
- RunPE adapted for x64 and written in C, does not use RWX☆23Updated 8 months ago
- ☆23Updated 9 months ago
- Self Delete DLL☆23Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Cobalt Strike notifications via NTFY.☆13Updated 4 months ago
- ☆28Updated 2 months ago
- macOS dylib stager☆31Updated 3 weeks ago
- ☆28Updated 6 months ago
- Unix Process hollowing in rust☆20Updated last month
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆41Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- BOF for C2 framework☆39Updated 3 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆31Updated 8 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆22Updated last year
- ☆43Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 7 months ago
- ☆15Updated 11 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Extension functionality for the NightHawk operator client☆26Updated last year
- the Open Source and Pure C++ Packer for eXecutables☆18Updated last year
- API Hammering with C++20☆45Updated 2 years ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆19Updated last year
- .NET port of Leron Gray's azbelt tool.☆26Updated last year
- A pure C version of SymProcAddress☆25Updated 10 months ago
- ☆47Updated last year