☆18Feb 29, 2024Updated 2 years ago
Alternatives and similar repositories for DUALITY
Users that are interested in DUALITY are comparing it to the libraries listed below
Sorting:
- single-threaded event driven sleep obfuscation poc for linux☆38Jun 14, 2025Updated 9 months ago
- ☆24Feb 1, 2025Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆65Mar 19, 2024Updated 2 years ago
- Situational Awareness script to identify how and where to run implants☆68Dec 6, 2024Updated last year
- Panoptes Endpoint Detection and Response Solution☆43Mar 7, 2026Updated 2 weeks ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support☆23Sep 15, 2021Updated 4 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Jun 10, 2025Updated 9 months ago
- Local SYSTEM auth trigger for relaying - X☆154Jul 23, 2025Updated 7 months ago
- ☆43Jul 17, 2025Updated 8 months ago
- Safe Harbor is a BOF that streamlines process reconnaissance for red team operations by identifying trusted, low-noise targets to maintai…☆78Oct 27, 2025Updated 4 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- This POC provides the possibilty to execute x86 shellcode in form of a .bin file based on x86 inline assembly☆20Apr 17, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Feb 9, 2024Updated 2 years ago
- Load a dynamic library from memory using a fuse mount☆31Sep 15, 2023Updated 2 years ago
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆52May 16, 2025Updated 10 months ago
- A PowerShell script designed to detect misconfigured Azure Storage Accounts that could potentially be exploited for privilege escalation …☆13Apr 25, 2024Updated last year
- ☆31Jul 26, 2024Updated last year
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- A cross-platform tool to parse and describe the contents of a raw ntSecurityDescriptor structure☆48Oct 4, 2025Updated 5 months ago
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- Leak NTLM via Website tab in teams via MS Office☆79Mar 28, 2024Updated last year
- Cobalt Strike notifications via NTFY.☆15Sep 24, 2024Updated last year
- ☆60Dec 15, 2023Updated 2 years ago
- Powershell and python utilties for Entra Connect☆29Jun 5, 2025Updated 9 months ago
- A simple to use single-include Windows API resolver☆23Jul 9, 2024Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- ☆53Jul 8, 2025Updated 8 months ago
- ☆31Dec 5, 2024Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- POC tool to abuse windows server failover clusters☆55Aug 7, 2025Updated 7 months ago
- Repo hacks☆21Dec 7, 2025Updated 3 months ago