t1Sh1n4 / UmbrellaView external linksLinks
Umbrella will protect your shellcode from the rain.
☆31Jun 4, 2025Updated 8 months ago
Alternatives and similar repositories for Umbrella
Users that are interested in Umbrella are comparing it to the libraries listed below
Sorting:
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- ☆10Jul 1, 2023Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆29Oct 2, 2025Updated 4 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆135Apr 6, 2025Updated 10 months ago
- A python polymorphic engine for C programs☆12Dec 8, 2023Updated 2 years ago
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆36Jan 13, 2026Updated last month
- Proof-of-concept implementation of AI-enabled postex DLLs☆54Sep 10, 2025Updated 5 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆92Jul 7, 2025Updated 7 months ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts existing Mythic shellcode into payloads specific…☆89Updated this week
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- Examples of various container types for Python and Golang☆16Aug 29, 2025Updated 5 months ago
- Python3 tool to perform password spraying using RDP☆16Aug 14, 2023Updated 2 years ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆14Apr 25, 2022Updated 3 years ago
- Aliasr is a modern, feature-rich TUI launcher for penetration testing commands inspired by Arsenal, but with significantly improved funct…☆92Jan 26, 2026Updated 2 weeks ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated 11 months ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆55Jul 13, 2025Updated 7 months ago
- A standalone tool for logging shell commands to GhostWriter automatically☆19Aug 24, 2024Updated last year
- Leveraging AWS Lambda Function URLs for C2 Redirection☆45Aug 30, 2023Updated 2 years ago
- slides for talk given during uscg 2023 combine☆38Sep 6, 2023Updated 2 years ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆17May 6, 2024Updated last year
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Jan 5, 2026Updated last month
- Windows Privilege Escalation☆23Jun 7, 2022Updated 3 years ago
- rust port of pspy with support for process monitoring over dbus☆35Jan 4, 2026Updated last month
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆146Jul 17, 2025Updated 6 months ago
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated 10 months ago
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆64Feb 3, 2026Updated last week
- Yet another shellcode loader - but a sneaky one☆25Apr 16, 2025Updated 9 months ago
- Reports on Driver, LSASS and other security services mitigations☆34Aug 18, 2025Updated 5 months ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆43Aug 10, 2025Updated 6 months ago
- MailSecOps is an email and mail gateway security testing tool. With this script, you can perform mail spoofing, relay tests and security …☆56Nov 20, 2024Updated last year
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆50Jun 16, 2025Updated 8 months ago
- Recon scripts for Red Team and Web blackbox auditing☆26Dec 29, 2025Updated last month
- A comprehensive list of aerospace affiliated CVEs 🚀👾⚠️☆27Dec 22, 2024Updated last year
- ☆27Dec 23, 2023Updated 2 years ago
- Executing Kernel Routines via Syscall Table Hijack (Kernel Code Execution)☆57Jun 15, 2025Updated 8 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated 11 months ago