Frida-based script which automates the process of discovering and exploiting DLL hijacks in target binaries. The discovered binaries can later be weaponized during Red Team operations to evade AV/EDRs.
☆58 · Apr 18, 2023 · Updated 2 years ago
Alternatives and similar repositories for SideloadFinder
Users that are interested in SideloadFinder are comparing it to the libraries listed below
- ☆11 · Sep 30, 2023 · Updated 2 years ago
- kill AV/EDR ☆21 · Jun 9, 2023 · Updated 2 years ago
- more conveniently Visual-Studio-BOF-template ☆75 · Sep 12, 2023 · Updated 2 years ago
- ☆15 · Aug 22, 2022 · Updated 3 years ago
- Using Windows Hook to make a CLI WebShellKill ☆45 · Feb 4, 2019 · Updated 7 years ago
- It's a COFF loader ported to Go (modified by TimWhite) ☆26 · Jul 17, 2023 · Updated 2 years ago
- Insert Python code or shellcode into pyc files ☆20 · Mar 25, 2024 · Updated last year
- Batch-retrieve desktop files from machines in a domain ☆79 · Sep 6, 2022 · Updated 3 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr… ☆78 · Jul 23, 2023 · Updated 2 years ago
- MyDict - self-collected, frequently used dictionary files ☆80 · May 8, 2025 · Updated 10 months ago
- Export Coremail contacts ☆18 · Apr 19, 2023 · Updated 2 years ago
- ☆21 · Feb 19, 2021 · Updated 5 years ago
- Bloodhound data parsing tool ☆22 · Jun 10, 2025 · Updated 8 months ago
- golang implementation of Syswhisper2/Syswhisper3 ☆23 · Mar 23, 2022 · Updated 3 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader ☆10 · May 3, 2025 · Updated 10 months ago
- ProcExp Driver (Ab)use ☆22 · Dec 28, 2022 · Updated 3 years ago
- Sleep Obfuscation ☆45 · Oct 13, 2022 · Updated 3 years ago
- ☆46 · Jun 25, 2024 · Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknown object t… ☆97 · Mar 20, 2023 · Updated 2 years ago
- Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user; Adding the sam_the_admin_maq when MachineAccoun… ☆22 · May 31, 2024 · Updated last year
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures" ☆31 · Jan 14, 2023 · Updated 3 years ago
- Bypassing AV, EDR, Application Whitelisting and ASR Rules ☆13 · Apr 18, 2023 · Updated 2 years ago
- ☆26 · Apr 24, 2025 · Updated 10 months ago
- Kill Everything AV/EDR ☆27 · Nov 18, 2024 · Updated last year
- AddDefenderExclusions Beacon Object File ☆41 · Jun 25, 2023 · Updated 2 years ago
- SamrSearch can get user info and group info with MS-SAMR. ☆15 · Feb 15, 2022 · Updated 4 years ago
- some AV / EDR / analysis studies ☆10 · May 21, 2023 · Updated 2 years ago
- A little tool to play with Windows security ☆12 · Jan 21, 2026 · Updated last month
- Shellcode AV-evasion framework that generates AV-evading trojans with one click ☆192 · Jun 28, 2024 · Updated last year
- A junk HTTP-based remote-control tool thrown together in golang + C# (supports team collaboration, very few features) (three components) ☆43 · Feb 21, 2022 · Updated 4 years ago
- Scripting together some of my favorite Python tools for doing initial triage of a suspected malicious document (e.g. PDF, DOC, DOCX, XSLM… ☆17 · Mar 8, 2022 · Updated 4 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆16 · Jan 7, 2023 · Updated 3 years ago
- Multi-component client ☆74 · May 1, 2025 · Updated 10 months ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys ☆49 · Mar 10, 2023 · Updated 2 years ago
- CobaltStrike beacon in rust ☆208 · Aug 10, 2024 · Updated last year
- Modification of: https://github.com/projectdiscovery/cdncheck ☆52 · Jan 22, 2024 · Updated 2 years ago
- Windows Token Stealing Expert ☆485 · Nov 24, 2023 · Updated 2 years ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm ☆16 · Jul 5, 2024 · Updated last year
- A simple C2 using Google Translate Webpage for data evasion ☆12 · Jan 30, 2023 · Updated 3 years ago