sandflysecurity / sandfly-processdecloakLinks
Sandfly Linux Stealth Rootkit Decloaking Utility
☆100Updated 2 years ago
Alternatives and similar repositories for sandfly-processdecloak
Users that are interested in sandfly-processdecloak are comparing it to the libraries listed below
Sorting:
- Zombie Ant Farm: Primitives and Offensive Tooling for Linux EDR evasion.☆225Updated 5 years ago
- Binary to shellcode from an object/executable format 32 & 64-bit PE , ELF☆73Updated 4 years ago
- Proxy Unix applications in the terminal☆114Updated 4 years ago
- bdvl☆113Updated 3 years ago
- A collection of scripts for dealing with Cobalt Strike beacons in Python☆168Updated 4 years ago
- A collection of projects demonstrating various commandline cloaking techniques on Linux☆58Updated 2 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆88Updated last year
- ☆167Updated 4 years ago
- Mara is a userland pty/tty sniffer☆53Updated last year
- ☆113Updated 3 years ago
- Golang PE injection on windows☆167Updated 3 years ago
- Harvis is designed to automate your C2 Infrastructure.☆108Updated 2 years ago
- Yapscan is a YAra based Process SCANner, aimed at giving more control about what to scan and giving detailed reports on matches.☆61Updated last year
- ☆62Updated 11 months ago
- A small POC of using Azure Functions to relay communications. Feel free to add additional functionality beyond this POC!☆75Updated 2 years ago
- Ingest openldap data into bloodhound☆81Updated 4 years ago
- Python library for dissecting and parsing Cobalt Strike related data such as Beacon payloads and Malleable C2 Profiles☆167Updated 2 months ago
- Companion PoC for the "Adventures in Dynamic Evasion" blog post☆121Updated 4 years ago
- Forblaze - A Python Mac Steganography Payload Generator☆57Updated 3 years ago
- ☆52Updated 3 years ago
- A collection of Tools and Rules for decoding Brute Ratel C4 badgers☆62Updated 2 years ago
- The following repository contains a modified version of SUNBURST with cracekd hashes, comments and annotations.☆56Updated 4 years ago
- ☆98Updated 4 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 5 years ago
- ELF Sectional docking payload injector system☆21Updated 2 years ago
- LPE for CVE-2020-1054 targeting Windows 7 x64☆86Updated 4 years ago
- This is a group of tools that I was planning on releasing During Derbycon 2019 talk if it was accepted or with a blogpost if not.☆43Updated 3 years ago
- A simple command line program to help defender test their detections for network beacon patterns and domain fronting☆69Updated 3 years ago
- Finding secrets in kernel and user memory☆116Updated last year
- Unpacking and decryption tools for the Emotet malware☆46Updated 3 years ago