yet another sleep encryption thing. also used the default github repo name for this one.
☆69May 11, 2023Updated 3 years ago
Alternatives and similar repositories for effective-waffle
Users that are interested in effective-waffle are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- idk man this was the default github name☆35Apr 23, 2023Updated 3 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Feb 28, 2023Updated 3 years ago
- ☆84Nov 1, 2023Updated 2 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 4 years ago
- Bare Metal GPUs on DigitalOcean Gradient AI • AdPurpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
- miscellaneous codes☆38Sep 24, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆265Jun 29, 2024Updated last year
- ☆156Oct 2, 2023Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆55Apr 20, 2022Updated 4 years ago
- Set the process mitigation policy for loading only Microsoft Modules , and block any userland 3rd party modules☆43May 6, 2023Updated 3 years ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆87Mar 19, 2023Updated 3 years ago
- ☆131Jun 28, 2023Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆135Sep 27, 2023Updated 2 years ago
- ☆124Oct 9, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 7 months ago
- EvtPsst☆55Oct 24, 2023Updated 2 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Feb 11, 2024Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆68May 2, 2023Updated 3 years ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 3 years ago
- ☆322Jun 28, 2023Updated 2 years ago
- ETW based POC to identify direct and indirect syscalls☆197Apr 19, 2023Updated 3 years ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆262May 10, 2023Updated 3 years ago
- Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)☆115May 21, 2023Updated 3 years ago
- Simple BOF to read the protection level of a process☆123May 10, 2023Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆246Sep 26, 2023Updated 2 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆116Aug 29, 2022Updated 3 years ago
- Patching AmsiOpenSession by forcing an error branching☆154Aug 2, 2023Updated 2 years ago
- A .NET malware loader, using API-Hashing to evade static analysis☆208May 30, 2023Updated 3 years ago
- malleable profile generator GUI for Havoc☆55Apr 28, 2023Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆142Jun 21, 2023Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆289Jun 8, 2023Updated 3 years ago
- Threadless Process Injection through entry point hijacking☆353Sep 10, 2024Updated last year
- ☆569Feb 22, 2024Updated 2 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆312Feb 13, 2023Updated 3 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 6 months ago
- The code is a pingback to the Dark Vortex blog:☆189Jan 26, 2023Updated 3 years ago