wabzsy / gonutLinks
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
☆58Updated last year
Alternatives and similar repositories for gonut
Users that are interested in gonut are comparing it to the libraries listed below
Sorting:
- Silently Install Chrome Extension For Persistence☆73Updated 11 months ago
- Go implementation of the self-deletion of an running executable from disk☆110Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆69Updated 2 years ago
- Self Cleanup in post-ex job☆56Updated 9 months ago
- more conveniently Visual-Studio-BOF-template☆65Updated last year
- ☆47Updated last year
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆104Updated 2 years ago
- frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …☆51Updated 2 years ago
- A Simple PoC☆21Updated last year
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆88Updated 2 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆66Updated 2 years ago
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- Evasive loader to bypass static detection☆58Updated last year
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆51Updated 3 months ago
- Help red teams find opsec processes during engagements☆41Updated 6 months ago
- ReturnGate, just like HellsGate.☆67Updated 2 years ago
- A basic C2 framework written in C☆60Updated 11 months ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆72Updated last year
- Repository of scripts from my blog post on bypassing the YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellco…☆41Updated 8 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆49Updated 2 years ago
- Golang evasion tool, execute-assembly .Net file☆97Updated 3 years ago
- load assembly executable file in memory☆41Updated last year
- ☆40Updated last year
- kill AV/EDR☆22Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆44Updated last year
- 🔎🪲 Malleable C2 profiles parser and assembler written in golang☆66Updated last year
- Shellcode Reductio Entropy Tools☆69Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆53Updated last year
- Beacon compiled using clang☆69Updated 2 years ago