wabzsy / gonutLinks
Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.
☆61Updated 2 years ago
Alternatives and similar repositories for gonut
Users that are interested in gonut are comparing it to the libraries listed below
Sorting:
- Silently Install Chrome Extension For Persistence☆92Updated last year
- Evasive loader to bypass static detection☆59Updated last year
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆178Updated 2 months ago
- Self Cleanup in post-ex job☆58Updated last year
- load assembly executable file in memory☆41Updated 2 years ago
- frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can …☆52Updated 2 years ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆59Updated 8 months ago
- A Simple PoC☆21Updated last year
- Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode☆105Updated 2 years ago
- Help red teams find opsec processes during engagements☆43Updated 10 months ago
- Its a coff loader ported to go( Modified by TimWhite )☆27Updated 2 years ago
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆101Updated 3 weeks ago
- A BOF/COFF loader implemented in Go and CGO.☆22Updated last year
- Golang implementation of @CCob's C# ThreadlessInject☆31Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 3 years ago
- Beacon Object File (BOF) Template☆57Updated 11 months ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆57Updated 2 years ago
- ☆57Updated last year
- Go implementation of the self-deletion of an running executable from disk☆112Updated 2 years ago
- Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.☆43Updated 3 weeks ago
- ☆43Updated 2 years ago
- Beacon compiled using clang☆71Updated 2 years ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆43Updated 5 months ago
- ☆41Updated 2 years ago
- Golang implementation of Reflective load PE from memory☆62Updated 3 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- A tool written in golang which compress using UPX and patch it with the provided PE file to make "UPX -d" flag impossible to decompress a…☆20Updated 9 months ago
- ☆15Updated 2 years ago
- A swiss army knife tool for running, injecting and organizing your BOFs collection☆65Updated 3 months ago
- HVNC based on RustDesk☆95Updated last year