MacOS Shared Library to Shellcode Loader
☆54Feb 23, 2026Updated 2 weeks ago
Alternatives and similar repositories for beignet
Users that are interested in beignet are comparing it to the libraries listed below
Sorting:
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- An example of how a driver can register a handle creation callback.☆16Jun 12, 2023Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Tools for playing w/ CobaltStrike config - extractin, detection, processing, etc...☆28Apr 13, 2023Updated 2 years ago
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆84Jan 26, 2026Updated last month
- Cobalt Strike BOF☆43Dec 10, 2025Updated 2 months ago
- Golang search engine scraper intended for identification of published ClickOnce deployments☆91Nov 19, 2024Updated last year
- ☆36Aug 21, 2024Updated last year
- ☆30May 23, 2024Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆59Sep 7, 2024Updated last year
- From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…☆53Sep 22, 2025Updated 5 months ago
- Tutorial covering how to discover DLLs for Hijacking and how to create proxy DLLS using Microsoft Teams as an example☆16Apr 7, 2021Updated 4 years ago
- PoC of Spring AMQP Deserialization Vulnerability (CVE-2023-34050)☆13Jan 29, 2024Updated 2 years ago
- Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).☆43Apr 2, 2025Updated 11 months ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆80Nov 6, 2025Updated 4 months ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆92Jan 8, 2025Updated last year
- Swift code to run a dylib on disk☆16May 9, 2022Updated 3 years ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- ☆154Updated this week
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 3 months ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆115Aug 29, 2022Updated 3 years ago
- ☆38Oct 12, 2020Updated 5 years ago
- ☆121Nov 21, 2024Updated last year
- ☆79Aug 5, 2024Updated last year
- Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of …☆18Apr 4, 2023Updated 2 years ago
- BYOVD: Use 360 WFP driver to block EDR/XDR network connection.☆103Feb 10, 2026Updated 3 weeks ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆63Jan 5, 2026Updated 2 months ago
- ☆19Sep 15, 2021Updated 4 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Shellcode loader☆101Nov 24, 2024Updated last year
- ☆124May 12, 2021Updated 4 years ago
- PoC framework for Sliver compilation☆22Jan 14, 2025Updated last year
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- Interact with Chromium-based browsers' debug port to view open tabs, installed extensions, and cookies☆187Mar 19, 2023Updated 2 years ago
- Crystal Palace library for proxying Nt API calls via the Threadpool☆100Oct 18, 2025Updated 4 months ago
- BOF with Synthetic Stackframe☆230Oct 30, 2025Updated 4 months ago
- Example of running C3 (https://github.com/FSecureLABS/C3) in a Docker container☆27Oct 24, 2021Updated 4 years ago
- Unused DLL hollowing PoC in Nim��☆17Jan 31, 2022Updated 4 years ago