silentwarble / Hannibal
Mythic C2 Agent written in x64 PIC C
☆67Updated 3 weeks ago
Alternatives and similar repositories for Hannibal:
Users that are interested in Hannibal are comparing it to the libraries listed below
- Section-based payload obfuscation technique for x64☆59Updated 6 months ago
- Construct the payload at runtime using an array of offsets☆61Updated 8 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆58Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆68Updated 9 months ago
- ☆97Updated last year
- Threadless shellcode injection tool☆63Updated 6 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆76Updated 4 months ago
- ☆122Updated 5 months ago
- Lateral Movement via the .NET Profiler☆79Updated 2 months ago
- ☆52Updated 3 months ago
- ☆60Updated 8 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆73Updated last month
- A process injection technique using only thread context manipulation☆25Updated last year
- ☆93Updated 5 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆59Updated 11 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆82Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆53Updated 3 months ago
- ☆107Updated 2 months ago
- Rewrite to fit my needs☆27Updated 7 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- ☆52Updated last month
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆54Updated last month
- Bypassing Amsi using LdrLoadDll☆37Updated last month
- Run Cobalt Strike BOFs in Brute Ratel C4!☆61Updated last month