whokilleddb / exe_who
Executables on Disk? Bleh ๐คฎ
โ98Updated last year
Alternatives and similar repositories for exe_who:
Users that are interested in exe_who are comparing it to the libraries listed below
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog postโ91Updated 2 years ago
- Just some Rust process injector POCs, nothing weird.โ80Updated 3 years ago
- Unchain AMSI by patching the providerโs unmonitored memory spaceโ89Updated 2 years ago
- โ88Updated 2 years ago
- Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDRโ99Updated 3 years ago
- AV/EDR evasion via direct system calls.โ107Updated last year
- Rusty Impersonateโ95Updated last year
- A tool for converting SysWhispers3 syscalls for use with Nim projectsโ144Updated 2 years ago
- ShellcodeFluctuation PoC ported to Nimโ75Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback funcโฆโ85Updated 2 years ago
- Your syscall factoryโ121Updated 3 weeks ago
- A collection of source code, binaries, and compilation scripts designed to bypass detectionโ25Updated 2 years ago
- COFF and BOF Loader written in Nimโ172Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's sectionโ147Updated last year
- Coerce Windows machines auth via MS-EVENโ158Updated last year
- โ139Updated 2 years ago
- A quick example of the Hells Gate technique in Nimโ95Updated 3 years ago
- โ28Updated 2 years ago
- โ62Updated 2 years ago
- Find DLLs with RWX sectionโ78Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memโฆโ112Updated last year
- A tool for converting SysWhispers2 syscalls for use with Nim projectsโ119Updated 3 years ago
- DLL Hijack Search Order Enumeration BOFโ147Updated 3 years ago
- A simple BOF that frees UDRLsโ117Updated 2 years ago
- Automating payload generation for OSEP labs and exam.โ34Updated 2 years ago
- The program uses the Windows API functions to traverse through directories and locate DLL files with RWX sectionโ100Updated last year
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog โฆโ80Updated last year
- Lateral Movement via the .NET Profilerโ80Updated 4 months ago
- Hookers are cooler than patches.โ170Updated 3 years ago
- โ92Updated 2 years ago