AV/EDR evasion via direct system calls.
☆108Dec 8, 2023Updated 2 years ago
Alternatives and similar repositories for SysWhispers2
Users that are interested in SysWhispers2 are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- C# 编写的用于 Dropbox 文件上传☆20Jan 16, 2022Updated 4 years ago
- ☆74Jul 23, 2021Updated 4 years ago
- .NET project for installing Persistence☆63Feb 14, 2022Updated 4 years ago
- A .NET Runtime for Cobalt Strike's Beacon Object Files☆774Sep 4, 2024Updated last year
- ☆538Nov 20, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Generic impersonation and privilege escalation with Golang. Like GenericPotato both named pipes and HTTP are supported.☆115Jun 7, 2021Updated 4 years ago
- C# version of MDSec's ParallelSyscalls☆143Jan 9, 2022Updated 4 years ago
- Start new PowerShell without etw and amsi in pure nim☆157Feb 14, 2022Updated 4 years ago
- ☆94May 14, 2022Updated 3 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆225Sep 13, 2022Updated 3 years ago
- ☆170Jan 7, 2022Updated 4 years ago
- ☆181Feb 3, 2021Updated 5 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- ☆14Oct 25, 2019Updated 6 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Eternalblue written in CSharp. Contains version detection, vulnerability scanner and exploit of MS17-010☆203Oct 15, 2021Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Pure C++, weaponized, fully automated implementation of RottenPotatoNG☆314Sep 16, 2021Updated 4 years ago
- A small POC to make defender useless by removing its token privileges and lowering the token integrity☆690Jun 28, 2022Updated 3 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆335Jul 20, 2024Updated last year
- A protective and Low Level Shellcode Loader that defeats modern EDR systems.☆917Mar 20, 2024Updated 2 years ago
- LdrLoadDll Unhooking☆134Jan 16, 2022Updated 4 years ago
- Overwrite a process's recovery callback and execute with WER☆102Apr 17, 2022Updated 4 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ☆206Feb 24, 2022Updated 4 years ago
- Collection of beacon BOF written to learn windows and cobaltstrike☆363Feb 24, 2023Updated 3 years ago
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆186Jul 21, 2022Updated 3 years ago
- official repo for the AdHuntTool (part of the old RedTeamCSharpScripts repo)☆234Jun 10, 2022Updated 3 years ago
- Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction wit…☆218Feb 20, 2023Updated 3 years ago
- Asynchronous Password Spraying Tool in C# for Windows Environments☆317Dec 19, 2023Updated 2 years ago
- DLL Hijack Search Order Enumeration BOF☆149Nov 3, 2021Updated 4 years ago
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆99Mar 27, 2022Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Wordpress hosting with auto-scaling - Free Trial • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- PoC for UUID shellcode execution using DInvoke☆155Mar 8, 2021Updated 5 years ago
- Bypass AV 用户添加☆169Dec 30, 2021Updated 4 years ago
- golang for socks5☆33Jun 21, 2021Updated 4 years ago
- tp3注入总结☆19Jan 6, 2022Updated 4 years ago
- Custom Metasploit post module to executing a .NET Assembly from Meterpreter session☆347Jul 21, 2020Updated 5 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Windows Token Stealing Expert☆488Nov 24, 2023Updated 2 years ago