OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.
☆13Jan 18, 2024Updated 2 years ago
Alternatives and similar repositories for OwOwningTheWinAPI
Users that are interested in OwOwningTheWinAPI are comparing it to the libraries listed below
Sorting:
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- ☆38Jul 14, 2020Updated 5 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- ☆27Jun 17, 2021Updated 4 years ago
- couchdb remote command exec.☆14Mar 27, 2018Updated 7 years ago
- tp3注入总结☆19Jan 6, 2022Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Terminate the eventlog thread to disable the windows eventlog☆21Apr 1, 2020Updated 5 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- Demo of process injection, using Nt, direct syscall, etc.☆27Sep 29, 2021Updated 4 years ago
- Iterate over Windows Handles☆15Nov 18, 2025Updated 4 months ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- windows API to hide console window by golang☆35Dec 20, 2021Updated 4 years ago
- ☆18Dec 7, 2021Updated 4 years ago
- 基于Flink实现实时冰蝎(Behinder)流量检测☆39Sep 30, 2019Updated 6 years ago
- Cobalt Strike teamserver detection.☆16Apr 26, 2021Updated 4 years ago
- 开源!自主设计的badusb电路板☆10Mar 26, 2021Updated 4 years ago
- crypto args for golang☆17Feb 14, 2022Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- post exploitation user monitoring tool☆20Jul 3, 2018Updated 7 years ago
- Rich woman scanner --富婆扫描器☆36Jul 18, 2022Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆25Mar 26, 2020Updated 5 years ago
- Process injection techniques written in Go.☆65Jul 1, 2023Updated 2 years ago
- CVE-2020-17008 splWOW64 Elevation of Privilege☆46Dec 24, 2020Updated 5 years ago
- 关于蜜罐的一些微小的统计工作☆30Aug 26, 2020Updated 5 years ago
- 轻便的恶意反代☆48May 29, 2021Updated 4 years ago
- Use powershell to test Office-based persistence methods☆76Apr 17, 2021Updated 4 years ago
- go实现的各种字符串匹配算法☆18Jun 21, 2017Updated 8 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Oct 12, 2021Updated 4 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- 模拟Cobalt Strike的Beacon与C2通信过程,实现了基于HTTP协议的Linux C2☆141Jun 25, 2020Updated 5 years ago
- Collection of tested Cobaltstrike aggressor scripts.☆118Mar 16, 2020Updated 6 years ago
- 用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现☆25Dec 13, 2021Updated 4 years ago
- about CobaltStrike☆150Dec 1, 2023Updated 2 years ago
- AppContainerBypass☆21Apr 4, 2021Updated 4 years ago