Umbrella will protect your shellcode from the rain.
☆30Jun 4, 2025Updated last year
Alternatives and similar repositories for Umbrella
Users that are interested in Umbrella are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated 2 years ago
- A stealthier approach to WMI-based command execution using Impacket without touching the disk.☆83Mar 15, 2026Updated 2 months ago
- Aliasr is a modern, feature-rich TUI launcher for pentest commands.☆112Apr 23, 2026Updated last month
- ☆10Jul 1, 2023Updated 2 years ago
- Leveraging AWS Lambda Function URLs for C2 Redirection☆50Aug 30, 2023Updated 2 years ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆32Oct 2, 2025Updated 8 months ago
- A python polymorphic engine for C programs☆11Dec 8, 2023Updated 2 years ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆143Apr 6, 2025Updated last year
- Malware traffic obfuscation library☆38Jul 24, 2025Updated 10 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 5 months ago
- Notion C2 Profile for Mythic☆47Apr 30, 2026Updated last month
- rust port of pspy with support for process monitoring over dbus☆38Jan 4, 2026Updated 5 months ago
- An executable that simplifies adding the msds-AllowedToActOnBehalfOfOtherIdentity attribute for RBCD☆49Mar 10, 2025Updated last year
- ☆59Dec 10, 2025Updated 5 months ago
- Managed Database hosting by DigitalOcean • AdPostgreSQL, MySQL, MongoDB, Kafka, Valkey, and OpenSearch available. Automatically scale up storage and focus on building your apps.
- A C#-implemented malware that dynamically modifies its own hash upon each execution to evade detection.☆17Feb 3, 2025Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆131Jan 17, 2026Updated 4 months ago
- Examples of various container types for Python and Golang☆17Aug 29, 2025Updated 9 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs☆93Sep 10, 2025Updated 8 months ago
- Python3 tool to perform password spraying using RDP☆17Aug 14, 2023Updated 2 years ago
- Golang Automation Framework for Cobalt Strike using the Rest API☆60Apr 10, 2026Updated last month
- Windows Privilege Escalation☆24Jun 7, 2022Updated 4 years ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆97Jul 7, 2025Updated 11 months ago
- SharpCoercer is a .NET 4.8 C# tool that leverages 16 different RPC-based coercion methods to force remote Windows hosts to authenticate t…☆58Jul 13, 2025Updated 10 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- open source port/reimplementation of the Cobalt Strike BOF Loader as is☆72Mar 8, 2026Updated 3 months ago
- Process Ghosting is a technique in which a process is created from a delete pending file. This means the created process is not backed by…☆16May 6, 2024Updated 2 years ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Yet another shellcode loader - but a sneaky one☆26Apr 16, 2025Updated last year
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆52Jun 16, 2025Updated 11 months ago
- Built for red teamers, by red teamers - an MCP tool for malware development, OPSEC testing, and supporting custom loader design during re…☆46Aug 10, 2025Updated 9 months ago
- Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique☆77Sep 29, 2022Updated 3 years ago
- A tool for coercing and relaying Kerberos authentication over DCOM and RPC.☆149Jul 17, 2025Updated 10 months ago
- a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to …☆16Apr 25, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Reports on Driver, LSASS and other security services mitigations☆35Aug 18, 2025Updated 9 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆208Dec 30, 2025Updated 5 months ago
- This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for maliciou…☆19Aug 4, 2024Updated last year
- A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom…☆48Feb 19, 2026Updated 3 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated 2 years ago
- Erebus is an Initial Access wrapper for the Mythic Command & Control Server. It converts shellcode into payloads specifically used for ph…☆138Updated this week
- PoC XLL builder in Python/Nim☆50Nov 21, 2022Updated 3 years ago