横向移动三剑客 ( Lateral movement tools)
☆30Nov 16, 2021Updated 4 years ago
Alternatives and similar repositories for lm_tools
Users that are interested in lm_tools are comparing it to the libraries listed below
Sorting:
- Just another version of the custom stack call from Proxy-Function-Calls-For-ETwTI☆34Mar 17, 2023Updated 2 years ago
- A VMBR (Virtual-Machine Based Rootkit) which runs a guest OS and sends the attacker its data☆28Apr 27, 2024Updated last year
- Code for blog written at 0xdarkvortex.dev Red Team TTPs Part 2☆19Oct 8, 2020Updated 5 years ago
- Code Integrity Violation Spotter☆17Jun 11, 2024Updated last year
- ☆40Nov 5, 2019Updated 6 years ago
- shadow tls☆17Nov 13, 2022Updated 3 years ago
- ☆17Oct 31, 2022Updated 3 years ago
- ☆33Dec 22, 2020Updated 5 years ago
- Various methods of executing shellcode☆74Mar 27, 2023Updated 2 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆49Mar 10, 2023Updated 2 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection☆33Nov 14, 2020Updated 5 years ago
- Execute a payload at each right click on a file/folder in the explorer menu for persistence☆175Mar 15, 2023Updated 2 years ago
- This is a simple project made to evade https://github.com/thefLink/Hunt-Sleeping-Beacons by using a busy wait instead of beacon's built i…☆36Jan 15, 2022Updated 4 years ago
- ☆34Aug 14, 2023Updated 2 years ago
- Demo to show how write ALPC Client & Server using native Ntdll.dll syscalls.☆21Jan 25, 2022Updated 4 years ago
- 扫描常见未授权访问(改)(redis、mongodb、memcached、elasticsearch�、zookeeper、ftp、CouchDB、docker、Hadoop)☆15Aug 4, 2020Updated 5 years ago
- Minimal PoC developed as discuss in https://captmeelo.com/redteam/maldev/2022/05/10/ntcreateuserprocess.html☆144May 10, 2022Updated 3 years ago
- Read Memory without ReadProcessMemory for Current Process☆92Feb 13, 2022Updated 4 years ago
- Windows Research Kernel☆37Sep 22, 2025Updated 5 months ago
- x64 assembler library☆31Jun 7, 2024Updated last year
- May the POC be with you☆65Feb 21, 2026Updated last week
- x86 PE Mutator☆233Dec 24, 2022Updated 3 years ago
- windows rpc 使用MIDL+RPC实现HelloWorld☆23Mar 21, 2018Updated 7 years ago
- A poc that abuses Enclave☆40Sep 8, 2022Updated 3 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- Windows CVE主防(HIPS/HIDS)☆57Apr 29, 2021Updated 4 years ago
- a dkom rootkit that targets windows x64 systems. the rootkit hooks and edits criticl memory sections in order to hide different resources…☆18Jul 5, 2023Updated 2 years ago
- Packer is a compact, fast and crosss-platform serialization library for store data in a buffer☆22Aug 5, 2023Updated 2 years ago
- fork HoShiMin Avanguard☆20Sep 29, 2018Updated 7 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader☆10May 3, 2025Updated 10 months ago
- PsSetCreateProcessNotifyRoutine/Ex/Ex2 hook☆12May 30, 2024Updated last year
- ☆274Jan 14, 2023Updated 3 years ago
- https://key08.com/index.php/2021/10/19/1375.html☆71May 11, 2022Updated 3 years ago
- Minifilter Callback Patching Proof-of-Concept☆74Oct 31, 2022Updated 3 years ago
- Bypass EDR Create TaskServers☆39Dec 24, 2022Updated 3 years ago
- Threadless Injection Payload Toolkit☆12Oct 12, 2023Updated 2 years ago
- Learn Winapi in this Repo with examples, to understand its abstraction in reverse engineering for Windows.☆11Aug 8, 2022Updated 3 years ago
- Go实现用于Windows系统的进程隐藏工具,通过DLL注入技术将指定进程从任务管理器中隐藏☆25Jan 22, 2026Updated last month
- fork from A-Protect☆10Nov 26, 2018Updated 7 years ago