☆16Oct 11, 2023Updated 2 years ago
Alternatives and similar repositories for TCS_InjectionTechniques
Users that are interested in TCS_InjectionTechniques are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A simple BOF that disables some logging with NtSetInformationProcess☆14Oct 13, 2023Updated 2 years ago
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- ☆20Updated this week
- Purple Team Dropper generator using open source templates.☆17May 23, 2024Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 3 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 3 years ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated last year
- Change hash for a signed pe☆18Jul 18, 2023Updated 2 years ago
- BOF内存运行exe☆31Jun 19, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- C# alternative to the linux "cat" command... Prints file contents to console. For use with Cobalt Strike's Execute-Assembly☆15Jul 15, 2021Updated 4 years ago
- Code snippets to add on top of cobalt strike sleepmask kit so that ekko can work in a CFG protected process☆49Mar 15, 2023Updated 3 years ago
- Cobalt Strike BOF☆43Dec 10, 2025Updated 3 months ago
- PoC code from blog☆16Mar 10, 2020Updated 6 years ago
- A tool implementing process hollowing making your PE polymorphic☆16Aug 11, 2020Updated 5 years ago
- Cobalt Strike Beacon Object File (BOF) that uses CredUIPromptForWindowsCredentials API to invoke credential prompt☆23Nov 23, 2022Updated 3 years ago
- custom bloodhound queries and knowledge base☆12Apr 16, 2024Updated last year
- Impacket with --remove-mic-partial☆31Jan 8, 2026Updated 2 months ago
- ☆50May 12, 2021Updated 4 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- Fuzzing Harness and Unpatched Crash Results from Fuzzing Defender MpEngine☆42Jul 29, 2025Updated 7 months ago
- C# implementation of TokenFinder. Steal M365 access tokens from Office Desktop apps☆145Feb 1, 2026Updated last month
- Deduplicate custom BloudHound queries from different datasets and merge them in one customqueries.json file.☆40Mar 23, 2024Updated 2 years ago
- ☆11Feb 19, 2023Updated 3 years ago
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- A tweak to inspect any application (user or system application). Inspect views, network, local variables, NSUserDefault and even more.☆13Aug 20, 2019Updated 6 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆31Feb 11, 2021Updated 5 years ago
- Private api to get session cookie of google account, login by email, password and some recovery option☆14Jan 8, 2019Updated 7 years ago
- ☆37Feb 11, 2023Updated 3 years ago
- Etwti-UnhookPOC just for test☆12Aug 23, 2022Updated 3 years ago
- ☆17Aug 25, 2022Updated 3 years ago
- Porting of NPPSPY by Grzegorz Tworek to 'man in the middle' the user logon process, and store the user's name and password in an unassumi…☆19Apr 24, 2023Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- A ddos tool for penetration of websites☆15Dec 13, 2020Updated 5 years ago
- ☆78Aug 1, 2023Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆14Jul 9, 2023Updated 2 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆30Dec 31, 2021Updated 4 years ago
- Python3 implementation of ADRecon with support for NTLM and Kerberos authentication querying LDAP. Generates individual CSV files and a s…☆59Feb 23, 2026Updated last month