golang implementation of Syswhisper2/Syswhisper3
☆23Mar 23, 2022Updated 3 years ago
Alternatives and similar repositories for Doge-Whisper
Users that are interested in Doge-Whisper are comparing it to the libraries listed below
Sorting:
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆45Mar 9, 2022Updated 3 years ago
- Go package for fexecve(3) and execveat(2)☆15Updated this week
- PrintNightmare , Local Privilege Escalation of CVE-2021-1675 or CVE-2021-34527☆58Jul 2, 2021Updated 4 years ago
- Fork & modify of Wireguard's Memmod☆33Aug 2, 2023Updated 2 years ago
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆331Sep 10, 2024Updated last year
- Beacon.dll reverse☆141Sep 5, 2021Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 3 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- BOF implementation of delete self poc that delete a locked executable or a currently running file from disk by its pid, path, or the curr…☆78Jul 23, 2023Updated 2 years ago
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 2 years ago
- more conveniently Visual-Studio-BOF-template☆75Sep 12, 2023Updated 2 years ago
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- PolicyKit CVE-2021-3560 Exploit (Authentication Agent)☆117May 2, 2022Updated 3 years ago
- check cs yara rules☆42Sep 7, 2021Updated 4 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆83May 23, 2022Updated 3 years ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- A BeaconEye implement in Golang. It is used to detect the cobaltstrike beacon from memory and extract some configuration.☆162Sep 6, 2022Updated 3 years ago
- Cobalt Strike Beacon Object Files☆167May 2, 2022Updated 3 years ago
- 用Rust语言编写,使用特征值从微信内存中提取数据库密钥的工具☆99Feb 16, 2023Updated 3 years ago
- ☆46Jun 25, 2024Updated last year
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆44Jun 23, 2022Updated 3 years ago
- ☆12Oct 29, 2021Updated 4 years ago
- Proofs-Of-360Security Sandbox Escape☆10Mar 18, 2022Updated 3 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.☆10Dec 16, 2021Updated 4 years ago
- A simple Go script to brute force or parse a password-protected PKCS#12 (PFX/P12) file.☆44Dec 31, 2020Updated 5 years ago
- AddDefenderExclusions Beacon Object File☆41Jun 25, 2023Updated 2 years ago
- Misc TaskScheduler Plays�☆238Sep 27, 2022Updated 3 years ago
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆193Sep 9, 2021Updated 4 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 2 years ago
- 利用NTLM Hash读取Exchange邮件☆441Jan 7, 2025Updated last year
- ☆52Dec 11, 2019Updated 6 years ago
- A SigFlip implement in golang☆51Jan 5, 2022Updated 4 years ago
- Dumping LSASS with a duplicated handle from custom LSA plugin☆204Feb 23, 2022Updated 4 years ago
- ☆155Jun 18, 2024Updated last year
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump☆24Jul 6, 2023Updated 2 years ago
- Windows NTLMSSP library☆11Oct 13, 2020Updated 5 years ago
- 用于Dump指定进程的内存,主要利用静默退出机制(SilentProcessExit)和Windows API(MiniDumpW)实现☆25Dec 13, 2021Updated 4 years ago