use aswArPot.sys to kill process
☆69Aug 26, 2022Updated 3 years ago
Alternatives and similar repositories for killProcessPOC
Users that are interested in killProcessPOC are comparing it to the libraries listed below
Sorting:
- 利用RPC服务,内网批量探测Windows出网☆14Jun 24, 2022Updated 3 years ago
- A SigFlip implement in golang☆51Jan 5, 2022Updated 4 years ago
- Golang implementation of Reflective load PE from memory☆64Jan 10, 2022Updated 4 years ago
- golang rpc框架,支持数据加密传输☆13Feb 19, 2026Updated last month
- improved shellcode template for b1tg/rust-windows-shellcode☆29May 12, 2021Updated 4 years ago
- GetProcAddressByHash/remap/full dll unhooking/Tartaru's Gate/Spoofing Gate/universal/Perun's Fart/Spoofing-Gate/EGG/RecycledGate/syswhisp…☆331Sep 10, 2024Updated last year
- [windows]pe -> shellcode -> shellcodeLoader -> (pe2shellcode go on?)☆78Dec 15, 2021Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Hide Port In Windows☆42Oct 24, 2024Updated last year
- 一款利用某云厂商的物联网平台作为c2的框架☆23Jun 18, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- 这是一个一键辅助抓取360安全浏览器密码的CobaltStrike脚本以及解密小工具,用于节省红队工作量,通过下载浏览器数据库、记录密钥来离线解密浏览器密码。☆637Apr 4, 2021Updated 4 years ago
- frp0.38.1 支持域前置、远程加载配置文件、配置文件自删除、流量特征修改☆133Apr 26, 2022Updated 3 years ago
- 一个用于隐藏C2��的、开箱即用的反向代理服务器。 旨在省去繁琐的配置Nginx服务的过程。☆45Dec 18, 2021Updated 4 years ago
- 通过反射DLL注入、Win API、C#、以及底层实现NetUserAdd方式实现BypassAV进行增加用户的功能,实现Cobalt Strike插件化☆344Apr 10, 2022Updated 3 years ago
- BOF/COFF obj file to PIC(shellcode). by golang☆39Sep 28, 2022Updated 3 years ago
- More EFS coerced authentication method with PetitPotam.py☆28Mar 21, 2023Updated 2 years ago
- Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;☆34Mar 22, 2022Updated 3 years ago
- Golang implementation of the research by @jonaslyk and the drafted PoC from @LloydLabs☆26Dec 3, 2021Updated 4 years ago
- Callback Function Loader Implemented in Go☆140Mar 26, 2024Updated last year
- RPC远程主机信息匿名扫描工具☆319Sep 30, 2022Updated 3 years ago
- 过360拦截加载无驱动签名☆61Sep 22, 2021Updated 4 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82May 23, 2023Updated 2 years ago
- 通过WindowsAPI获取用户凭证,并保存到文件中☆195Jun 18, 2024Updated last year
- bypass UAC even when configured to always notify user☆29Aug 31, 2021Updated 4 years ago
- 用Rust语言编写,使用特征值从微信内存中提取数据库密钥的工具☆100Feb 16, 2023Updated 3 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- bypass BeaconEye☆89Sep 9, 2021Updated 4 years ago
- ☆15Aug 1, 2023Updated 2 years ago
- mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socke…☆19Mar 11, 2023Updated 3 years ago
- 添加计划任务方法集合�☆310Aug 6, 2023Updated 2 years ago
- 将dll exe 等转成shellcode 最后输出exe 可定制加载器模板 支持白文件的捆绑 shellcode 加密☆368Sep 8, 2022Updated 3 years ago
- Zerologon exploit with restore DC password automatically☆146Mar 15, 2024Updated 2 years ago
- 远程创建任务计划工具☆190Apr 23, 2022Updated 3 years ago
- KillDefender的实现☆12Feb 28, 2022Updated 4 years ago
- Stop Windows Defender programmatically☆993Nov 4, 2022Updated 3 years ago
- 影子用户 克隆☆233Dec 30, 2021Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year