rek7 / ddoor

Related projects ⓘ

Alternatives and complementary repositories for ddoor

• thefLink / Memfiddler
  Executes shellcode from a remote server and aims to evade in-memory scanners
  ☆30Updated 4 years ago
• tomcarver16 / SimpleInjector
  A simple injector that uses LoadLibraryA
  ☆16Updated 4 years ago
• ex0dus-0x / menagerie
  Cross-platform malware development library for anti-analysis techniques
  ☆24Updated 3 years ago
• OccamsXor / sim-ba
  (Sim)ulate (Ba)zar Loader
  ☆29Updated 3 years ago
• jaamaal / Embed
  Adapt practically persistence steadiness strategies working at Windows 10 utilized by sponsored nation-state threat actors, as Turla, Pro…
  ☆20Updated 3 years ago
• jfmaes / DeepSleep
  all credits go to @mgeeky
  ☆58Updated 3 years ago
• sensepost / offensive-rpc
  Offensive RPC PoC
  ☆83Updated 3 years ago
• loneicewolf / EXEC_LKM
  A LKM (Loadable Kernel Module) to execute a command as root; I include a example of using netcat and a compiled(with source and steps on…
  ☆13Updated last month
• connormcgarr / Kernel-Escalation-of-Privileges-Payloads
  NT AUTHORITY\SYSTEM
  ☆38Updated 4 years ago
• aaaddress1 / masqueradeCmdline
  A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.
  ☆37Updated 3 years ago
• 11philip22 / CodeInjection
  Collection of shellcode injection and execution techniques
  ☆16Updated 3 years ago
• mobdk / Upsilon
  Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
  ☆92Updated 3 years ago
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆28Updated 2 years ago
• llkat / rsockstun
  reverse socks tunneler with ntlm and proxy support
  ☆50Updated 2 years ago
• AzAgarampur / byeintegrity4-uac
  Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers
  ☆16Updated 3 years ago
• SolomonSklash / UnhookingPOC
  A small commented POC for removing API hooks placed by AV/EDR.
  ☆33Updated 4 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆25Updated last year
• FlamingSpork / iptable_evil
  An evil bit backdoor for iptables
  ☆49Updated 3 years ago
• hyp3rlinx / NtFileSins
  Windows File Enumeration Intel Gathering Tool.
  ☆17Updated last year
• crummie5 / Freshycalls_PoC
  A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯
  ☆39Updated 3 years ago
• goichot / CVE-2020-3433
  PoCs and technical analysis of three vulnerabilities found on Cisco AnyConnect for Windows: CVE-2020-3433, CVE-2020-3434 and CVE-2020-343…
  ☆42Updated 4 years ago
• Yet-Zio / WusaBypassUAC
  UAC bypass abusing WinSxS in "wusa.exe". Referred from and similar to: https://github.com/L3cr0f/DccwBypassUAC , Kudos to L3cr0f and Fuz…
  ☆32Updated 3 years ago
• Adepts-Of-0xCC / SnoopyOwl
  ☆45Updated 3 years ago