securedglobe / PersistantService
A persistant Windows Service Proof of Concept, where the Service will run after Restart or Shutdown, and invoke a given software executable
☆35Updated last year
Related projects ⓘ
Alternatives and complementary repositories for PersistantService
- Herpaderply Hollowing - a PE injection technique, hybrid between Process Hollowing and Process Herpaderping☆45Updated 2 years ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆30Updated 2 years ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 10 months ago
- Titan: A crappy Reflective Loader written in C and assembly for Cobalt Strike. Redirects DNS Beacon over DoH☆43Updated 3 years ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆42Updated last year
- Executes shellcode from a remote server and aims to evade in-memory scanners☆30Updated 4 years ago
- Get your data from the resource section manually, with no need for windows apis☆53Updated 3 weeks ago
- ☆37Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 9 months ago
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆33Updated 3 years ago
- ☆53Updated 2 years ago
- A PoC tool for exploiting leaked process and thread handles☆30Updated 9 months ago
- A Study in Obfuscation: Analyzing the effect of various techniques to bypass AV engines☆41Updated 2 years ago
- An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot☆59Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆24Updated 10 months ago
- C# Tool to interact with MS Exchange based on MS docs☆98Updated last year
- a library that automates some clean syscalls to make it easier to implement☆82Updated 2 years ago
- POC of PPID spoofing using NtCreateUserProcess with syscalls to create a suspended process and performing process injection by overwritti…☆38Updated 3 years ago
- Windows LPE Nday☆24Updated 6 months ago
- ☆48Updated last year
- ☆22Updated last year
- ☆12Updated last year