Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.
☆44Jun 12, 2025Updated 9 months ago
Alternatives and similar repositories for shellnot
Users that are interested in shellnot are comparing it to the libraries listed below
Sorting:
- ☆33Jan 23, 2025Updated last year
- ☆38Apr 15, 2025Updated 11 months ago
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- ☆10Jul 1, 2023Updated 2 years ago
- PowerShell implementation for AD CS☆115Mar 2, 2026Updated 2 weeks ago
- Solving CAPTCHA with Image Classification☆10Mar 13, 2025Updated last year
- A small How-To on creating your own weaponized WSL file☆124Jul 23, 2025Updated 7 months ago
- Dump processes over WMI with MSFT_MTProcess☆85Feb 13, 2026Updated last month
- ☆13Dec 29, 2022Updated 3 years ago
- KittyLoader is a highly evasive loader written in C / Assembly☆258Sep 22, 2025Updated 5 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 8 months ago
- Sleep obfuscation☆270Dec 13, 2024Updated last year
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆265Nov 22, 2025Updated 3 months ago
- General Purpose OpSec Server☆112Updated this week
- ☆164May 5, 2025Updated 10 months ago
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Automating the MITM attack on WSUS☆312Updated this week
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆407Sep 26, 2024Updated last year
- Weaponizing DCOM for NTLM Authentication Coercions☆274Jul 1, 2025Updated 8 months ago
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆37Dec 12, 2025Updated 3 months ago
- Detect public repository dependencies in the GitHub repositories with an orphan required library.☆22Jun 24, 2025Updated 8 months ago
- Rust Weaponization for Red Team Engagements.☆12Nov 14, 2022Updated 3 years ago
- SharpSuccessor is a .NET Proof of Concept (POC) for fully weaponizing Yuval Gordon’s (@YuG0rd) BadSuccessor attack from Akamai.☆396Sep 26, 2025Updated 5 months ago
- Unix-inspired shell and RAM filesystem for the Commodore 64 (6502 assembly) / AI-assisted development☆23Feb 27, 2026Updated 2 weeks ago
- Released presentations of my talks + code that used during these talks☆15Sep 5, 2024Updated last year
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆28May 13, 2025Updated 10 months ago
- Vulnerabilities advisories and PoC☆18Nov 21, 2025Updated 3 months ago
- A POC to disable TamperProtection and other Defender / MDE components☆255Jun 6, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 8 months ago
- Synthetic data for object detection and segmentation☆15Oct 5, 2023Updated 2 years ago
- NailaoLoader: Hiding Execution Flow via Patching☆23Feb 27, 2025Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 10 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- A malicious OAuth application that can be leveraged for both internal and external phishing attacks targeting Microsoft Azure and Office3…☆168Jul 31, 2025Updated 7 months ago