synap5e / onefile_python
Run python from a single exe
☆34Updated 2 years ago
Related projects: ⓘ
- Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim☆30Updated 3 years ago
- ShellcodeFluctuation PoC ported to Nim☆72Updated last year
- Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.☆20Updated 2 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆88Updated 2 years ago
- A simple Nim stager (w/ fiber execution)☆14Updated 2 years ago
- ☆47Updated last year
- Grab unsaved Notepad contents with a Beacon Object File☆48Updated 2 years ago
- Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used☆92Updated 3 years ago
- ☆35Updated 2 years ago
- A nim port of C5pider's Ekko project.☆16Updated last year
- maldev obviously☆23Updated 2 months ago
- Extension functionality for the NightHawk operator client☆26Updated 10 months ago
- A care package of useful bofs for red team engagments☆47Updated last year
- C# project to Reflectively load .Net assemblies in memory☆15Updated 3 months ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆18Updated last year
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 2 years ago
- ☆21Updated 2 years ago
- Sleep Obfuscation☆39Updated last year
- A small example of loading BOFs in Python with pure reflection☆16Updated last year
- ☆29Updated last year
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- DLL Exports Extraction BOF with optional NTFS transactions.☆76Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆17Updated last year
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated 8 months ago
- a simple backdoor in Nim☆17Updated 3 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆53Updated 3 years ago
- ☆37Updated last year
- load dumped csharp binaries as assemblies and launch them in memory☆23Updated 7 months ago
- ☆18Updated 2 years ago
- Example of using Sleep to create better named pipes.☆41Updated last year