Alternatives and similar repositories for building-c2-implants-in-cpp:

Users that are interested in building-c2-implants-in-cpp are comparing it to the libraries listed below

• c0de90e7 / GhostWriting
  GhostWriting Injection Technique.
  ☆166Updated 6 years ago
• boku7 / HOLLOW
  EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and e…
  ☆271Updated last year
• trustedsec / COFFLoader
  ☆490Updated 2 months ago
• xforcered / BokuLoader
  A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
  ☆321Updated 6 months ago
• trickster0 / TartarusGate
  TartarusGate, Bypassing EDRs
  ☆560Updated 3 years ago
• thefLink / DeepSleep
  A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC
  ☆354Updated 2 years ago
• kymb0 / Malware_learns
  ☆128Updated last year
• oXis / GPUSleep
  Move CS beacon to GPU memory when sleeping
  ☆242Updated 3 years ago
• antonioCoco / MalSeclogon
  A little tool to play with the Seclogon service
  ☆309Updated 2 years ago
• daem0nc0re / AtomicSyscall
  Tools and PoCs for Windows syscall investigation.
  ☆357Updated 3 weeks ago
• lab52io / LeakedHandlesFinder
  Leaked Windows processes handles identification tool
  ☆281Updated 2 years ago
• dobin / antnium
  A C2 framework for initial access in Go
  ☆176Updated 2 years ago
• ajpc500 / BOFs
  Collection of Beacon Object Files
  ☆567Updated 2 years ago
• Wra7h / FlavorTown
  Various ways to execute shellcode
  ☆476Updated 10 months ago
• itm4n / PPLmedic
  Dump the memory of any PPL with a Userland exploit chain
  ☆333Updated last year
• rad9800 / TamperingSyscalls
  ☆470Updated 2 years ago
• connormcgarr / Kernel-Exploits
  Kernel Exploits
  ☆247Updated 3 years ago
• thefLink / Hunt-Sleeping-Beacons
  Aims to identify sleeping beacons
  ☆548Updated last month
• Cracked5pider / Ekko
  Sleep Obfuscation
  ☆712Updated last year
• iilegacyyii / ThreadlessInject-BOF
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆371Updated last year
• Cracked5pider / CoffeeLdr
  Beacon Object File Loader
  ☆282Updated last year
• Bw3ll / ShellWasp
  ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Wind…
  ☆165Updated last year
• SaadAhla / D1rkLdr
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆309Updated last year
• rad9800 / WTSRM
  WTSRM
  ☆206Updated 2 years ago
• SolomonSklash / SleepyCrypt
  A shellcode function to encrypt a running process image when sleeping.
  ☆334Updated 3 years ago
• 0xTriboulet / Revenant
  Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework
  ☆372Updated 6 months ago
• codewhitesec / HandleKatz
  PIC lsass dumper using cloned handles
  ☆579Updated 2 years ago
• ajpc500 / NimlineWhispers
  A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
  ☆163Updated 3 years ago
• VirtualAlllocEx / Create-Thread-Shellcode-Fetcher
  This POC gives you the possibility to compile a .exe to completely avoid statically detection by AV/EPP/EDR of your C2-shellcode and down…
  ☆248Updated last year
• binderlabs / DirCreate2System
  Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
  ☆358Updated 2 years ago