timwhitez / Doge-RecycledGateView external linksLinks
Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;
☆32Mar 22, 2022Updated 3 years ago
Alternatives and similar repositories for Doge-RecycledGate
Users that are interested in Doge-RecycledGate are comparing it to the libraries listed below
Sorting:
- use shellcode as asm function☆23Mar 29, 2022Updated 3 years ago
- 杂 物 收 纳☆15Aug 4, 2023Updated 2 years ago
- Thanks to @d35ha☆13Aug 16, 2021Updated 4 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆331Sep 10, 2024Updated last year
- Reflective DLL injection Execution☆20Sep 9, 2022Updated 3 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 3 years ago
- Beacon Object File PoC implementation of KillDefender☆235Apr 12, 2022Updated 3 years ago
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆45Mar 9, 2022Updated 3 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- Beacon Object File implementation of Event Viewer deserialization UAC bypass☆133May 6, 2022Updated 3 years ago
- ReturnGate, just like HellsGate.☆68Aug 10, 2022Updated 3 years ago
- Misc TaskScheduler Plays☆238Sep 27, 2022Updated 3 years ago
- C# shellcode runner adapted to run from a csproj to be triggered by MSBuild☆27Feb 11, 2022Updated 4 years ago
- 替代PrintBug用于本地提权的新方式,主要利用MS-EFSR协议中的接口函数 借鉴了Potitpotam中对于EFSR协议的利用,实现了本地提权的一系列方式 Drawing on the use of the EFSR protocol in Potitpotam, …☆149Mar 13, 2022Updated 3 years ago
- ☆14Sep 2, 2021Updated 4 years ago
- resource-based constrained delegation RBCD☆46Jan 15, 2022Updated 4 years ago
- PoC to interact with local/remote registry hives through WMI☆87Jun 14, 2020Updated 5 years ago
- UAC_wenpon☆49Nov 25, 2021Updated 4 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- desktop screenshot☆29Apr 26, 2023Updated 2 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆141Apr 21, 2022Updated 3 years ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- A flexible tool that creates a minidump of the LSASS process☆14Jan 18, 2022Updated 4 years ago
- Using the Windows API to mess with Task Manager in GoLANG☆15Sep 7, 2021Updated 4 years ago
- Its a coff loader ported to go( Modified by TimWhite )☆26Jul 17, 2023Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆301Sep 28, 2021Updated 4 years ago
- use aswArPot.sys to kill process☆69Aug 26, 2022Updated 3 years ago
- RDI implementation in Nim☆64Dec 12, 2020Updated 5 years ago
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated last year
- Simple PoCs for utilizing Windows syscalls in Go☆16Jan 13, 2021Updated 5 years ago
- In-memory token vault BOF for Cobalt Strike☆149Aug 18, 2022Updated 3 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆194Sep 9, 2021Updated 4 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- MSBuild AL bypass☆18Mar 9, 2023Updated 2 years ago
- Post-exploitation script developed using impacket☆21Mar 15, 2022Updated 3 years ago