xalicex / LOLDrivers_finder
☆78Updated last year
Alternatives and similar repositories for LOLDrivers_finder:
Users that are interested in LOLDrivers_finder are comparing it to the libraries listed below
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- ☆98Updated last year
- ☆125Updated 6 months ago
- ☆125Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- ☆133Updated last year
- ☆121Updated last year
- ☆78Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- Lateral Movement via the .NET Profiler☆80Updated 4 months ago
- ☆95Updated 6 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆83Updated 2 years ago
- Implant drop-in for EDR testing☆135Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆80Updated 5 months ago
- Simple BOF to read the protection level of a process☆115Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆93Updated last year
- ☆119Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆51Updated last year
- Create Anti-Copy DRM Malware☆54Updated 7 months ago
- Find DLLs with RWX section☆78Updated last year
- TypeLib persistence technique☆108Updated 5 months ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆91Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆79Updated 2 years ago
- ☆140Updated last year
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Updated last year
- ☆127Updated last year
- ☆39Updated 2 years ago
- ☆36Updated 2 years ago