fireELF - Fileless Linux Malware Framework
☆679Apr 17, 2019Updated 6 years ago
Alternatives and similar repositories for fireELF
Users that are interested in fireELF are comparing it to the libraries listed below
Sorting:
- PostShell - Post Exploitation Bind/Backconnect Shell☆83Sep 9, 2019Updated 6 years ago
- mXtract - Memory Extractor & Analyzer☆588Nov 9, 2021Updated 4 years ago
- a PoC for Linux to get around agents that log commands being executed, without root privilege. Linux低权限模糊化执行的程序名和参数,避开基于execve系统调用监控的命令日志☆245May 8, 2019Updated 6 years ago
- A Solution For Cross-Platform Obfuscated Commands Detection presented on CIS2019 China. 动静态Bash/CMD/PowerShell命令混淆检测框架 - CIS 2019大会☆165Aug 21, 2019Updated 6 years ago
- Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and l…☆541Apr 14, 2021Updated 4 years ago
- Antivirus evasion project☆1,153Jan 19, 2025Updated last year
- Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.☆1,082Apr 5, 2022Updated 3 years ago
- Load shellcode into a new process☆768Jun 2, 2021Updated 4 years ago
- A post exploitation framework designed to operate covertly on heavily monitored environments☆2,169Sep 29, 2021Updated 4 years ago
- Red Team Tool Kit☆1,132Dec 8, 2022Updated 3 years ago
- Practice Go programming and implement CobaltStrike's Beacon in Go☆1,263Oct 2, 2020Updated 5 years ago
- APT34/OILRIG leak☆232Apr 17, 2019Updated 6 years ago
- Extracting Clear Text Passwords from mstsc.exe using API Hooking.☆1,432Jul 20, 2024Updated last year
- A native backdoor module for Microsoft IIS (Internet Information Services)☆556Jul 3, 2020Updated 5 years ago
- Tool for injecting a shared object into a Linux process☆1,221Feb 23, 2022Updated 4 years ago
- PowerShell ReverseTCP Shell - Framework☆1,064Sep 18, 2022Updated 3 years ago
- A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro…☆2,235Dec 27, 2023Updated 2 years ago
- Payload Generation Framework☆1,976Aug 21, 2024Updated last year
- Process Injection☆768Oct 24, 2021Updated 4 years ago
- cobaltstrike ms17-010 module and some other☆418Jun 13, 2019Updated 6 years ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…☆769Feb 16, 2021Updated 5 years ago
- Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing…☆1,735Jan 16, 2026Updated 2 months ago
- Fileless lateral movement tool that relies on ChangeServiceConfigA to run command☆1,608Jul 10, 2023Updated 2 years ago
- A Bind Shell Using the Fax Service and a DLL Hijack☆332May 3, 2020Updated 5 years ago
- Venom - A Multi-hop Proxy for Penetration Testers☆2,151May 11, 2022Updated 3 years ago
- 🕳 godoh - A DNS-over-HTTPS C2☆805Dec 19, 2023Updated 2 years ago
- Golang malware development library☆977Dec 13, 2024Updated last year
- FCL (Fileless Command Lines) - Known command lines of fileless malicious executions☆477Apr 8, 2021Updated 4 years ago
- Windows Event Log Killer☆1,813Sep 21, 2023Updated 2 years ago
- Windows 10 UAC bypass for all executable files which are autoelevate true .☆641Dec 9, 2019Updated 6 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆824Mar 10, 2022Updated 4 years ago
- A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.☆630Sep 8, 2022Updated 3 years ago
- RedPeanut is a small RAT developed in .Net Core 2 and its agent in .Net 3.5 / 4.0.☆330Jul 7, 2023Updated 2 years ago
- AntiVirus Evasion Tool☆1,746Apr 23, 2025Updated 10 months ago
- [Linux] Two Privilege Escalation techniques abusing sudo token☆732Apr 14, 2019Updated 6 years ago
- Converts PE into a shellcode☆2,752Aug 30, 2025Updated 6 months ago
- This tool will setting up your backdoor/rootkits when backdoor already setup it will be hidden your spesisifc process,unlimited your sess…☆750Sep 1, 2022Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆4,491Jul 8, 2025Updated 8 months ago
- A tool mainly to erase specified records from Windows event logs, with additional functionalities.☆607Sep 7, 2018Updated 7 years ago