横向移动三剑客 ( Lateral movement tools)
☆30Nov 16, 2021Updated 4 years ago
Alternatives and similar repositories for lm_tools
Users that are interested in lm_tools are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 3 years ago
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆35Jan 15, 2022Updated 4 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 3 years ago
- shadow tls☆17Nov 13, 2022Updated 3 years ago
- ☆40Nov 5, 2019Updated 6 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 4 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆143May 10, 2022Updated 4 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- Load a dynamic library from memory using a fuse mount☆33Sep 15, 2023Updated 2 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Various methods of executing shellcode☆74Mar 27, 2023Updated 3 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Apr 27, 2024Updated 2 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆19Jul 5, 2023Updated 2 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆24Mar 21, 2018Updated 8 years ago
- 关闭恶意驱动的文件和注册表保护☆14Jun 28, 2022Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆75Feb 11, 2024Updated 2 years ago
- A kernel mode Windows rootkit in development.☆48Dec 31, 2021Updated 4 years ago
- Titan: A generic user defined reflective DLL for Cobalt Strike☆85Nov 20, 2022Updated 3 years ago
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- Windows Research Kernel☆39May 16, 2026Updated last week
- ☆33Dec 22, 2020Updated 5 years ago
- ☆10Apr 19, 2026Updated last month
- May the POC be with you☆66May 14, 2026Updated last week
- 扫描常见未授权访问(改)(redis、mongodb、memcached、elasticsearch、zookeeper、ftp、CouchDB、docker、Hadoop)☆15Aug 4, 2020Updated 5 years ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆13May 30, 2024Updated last year
- A poc that abuses Enclave☆40Sep 8, 2022Updated 3 years ago
- Windows CVE主防(HIPS/HIDS)☆57May 2, 2026Updated 3 weeks ago
- ☆210Apr 5, 2022Updated 4 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Bypass EDR Create TaskServers☆39Dec 24, 2022Updated 3 years ago
- Hyper-V sockets☆30Sep 11, 2017Updated 8 years ago
- A modified RunPE (process hollowing) technique avoiding the usage of SetThreadContext by appending a TLS section which calls the original…☆98Sep 26, 2019Updated 6 years ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆141Sep 12, 2022Updated 3 years ago
- A simple process query/manipulation tool using driver hooked system call. (2019)☆11Aug 30, 2021Updated 4 years ago
- Beacon.dll reverse☆140Sep 5, 2021Updated 4 years ago