wabzsy / gonutLinks
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
☆60Updated 2 years ago
Alternatives and similar repositories for gonut
Users that are interested in gonut are comparing it to the libraries listed below
Sorting:
- Silently Install Chrome Extension For Persistence☆91Updated last year
- Evasive loader to bypass static detection☆58Updated last year
- frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …☆55Updated 2 years ago
- Self Cleanup in post-ex job☆58Updated 11 months ago
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆169Updated 2 weeks ago
- A Simple PoC☆21Updated last year
- Help red teams find opsec processes during engagements☆42Updated 8 months ago
- ☆41Updated last year
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆97Updated last month
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆104Updated 2 years ago
- ☆57Updated last year
- Go implementation of the self-deletion of an running executable from disk☆113Updated 2 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆58Updated 6 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆51Updated 2 years ago
- Beacon compiled using clang☆72Updated 2 years ago
- Its a coff loader ported to go( Modified by TimWhite )☆27Updated 2 years ago
- load assembly executable file in memory☆41Updated 2 years ago
- Beacon Object File (BOF) Template☆55Updated 9 months ago
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 2 years ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆39Updated 3 months ago
- Golang implementation of @CCob's C# ThreadlessInject☆32Updated last year
- Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellco…☆41Updated 10 months ago
- An implementation of an indirect system call☆129Updated 2 years ago
- ☆42Updated 2 years ago
- Test bench lab for Shellcode Obfuscation☆28Updated 3 months ago
- A nim implementation of sRDI☆19Updated last year
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Updated 2 years ago
- POC tool to extract all persistent clipboard history data from clipboard service process memory☆47Updated last year
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆67Updated last year