Commandline spoofing on Windows
☆94 Nov 25, 2025 Updated 3 months ago
Alternatives and similar repositories for commandline_spoofing
Users that are interested in commandline_spoofing are comparing it to the libraries listed below
- Vectored Exception Handling Squared ☆29 Dec 27, 2025 Updated 2 months ago
- A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread ☆30 Sep 24, 2025 Updated 5 months ago
- A bunch of shenanigans using functions, VEH and more ☆37 Jun 8, 2025 Updated 8 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does ☆95 Jul 3, 2025 Updated 8 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. ☆23 Feb 26, 2026 Updated last week
- A small set of Beacon Object Files (BOFs) that I developed over time with a Magic: The Gathering theme. ☆16 Jul 15, 2025 Updated 7 months ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies ☆50 Jul 6, 2025 Updated 7 months ago
- use python on windows with full submodule support without installation ☆30 Jan 23, 2025 Updated last year
- BOF to decrypt Signal Desktop chat logs ☆71 Feb 20, 2025 Updated last year
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23 ☆23 Jun 19, 2025 Updated 8 months ago
- A small How-To on creating your own weaponized WSL file ☆122 Jul 23, 2025 Updated 7 months ago
- Convert your shellcode into an ASCII string ☆128 Jun 27, 2025 Updated 8 months ago
- A TUI for Active Directory collection. ☆112 Feb 17, 2026 Updated 2 weeks ago
- Weaponize signed .NET ClickOnce applications for initial access by hijacking a dependency DLL via AppDomainManager injection and loading … ☆135 Feb 14, 2026 Updated 2 weeks ago
- A portable C# utility for enumerating local and remote windows sessions ☆56 Jan 1, 2026 Updated 2 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC). ☆117 Jan 20, 2025 Updated last year
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system ☆42 Oct 30, 2024 Updated last year
- RPC to WebClient startup ☆55 Aug 19, 2025 Updated 6 months ago
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral movements, p… ☆199 Dec 30, 2025 Updated 2 months ago
- Random BOFs for LDAP tradecraft ☆74 Sep 9, 2025 Updated 5 months ago
- Arsenal of modules to beacon postex ☆94 Updated this week
- Utilizing an MCP Server to communicate with your C2 ☆86 May 15, 2025 Updated 9 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability ☆24 Feb 5, 2025 Updated last year
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames ☆152 Nov 23, 2025 Updated 3 months ago
- shell code example ☆68 Dec 12, 2025 Updated 2 months ago
- Lateral movement with DCOM DLL hijacking ☆177 Jul 4, 2025 Updated 8 months ago
- A large collection of blogs 🦐 ☆13 Apr 12, 2025 Updated 10 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆211 Nov 12, 2025 Updated 3 months ago
- A Mythic agent for Windows written in C ☆158 Feb 22, 2026 Updated last week
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆45 Sep 25, 2024 Updated last year
- RProxy LAB is intended solely for educational purposes and authorized security testing with EvilGinx / Modlishka / EvilPuppet etc. tools ☆54 Feb 15, 2026 Updated 2 weeks ago
- collection of blogs about malware development and analysis ☆65 Dec 2, 2025 Updated 3 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel. ☆38 Aug 5, 2025 Updated 7 months ago
- Attacking the cleanup_module function of a kernel module ☆57 Jun 30, 2025 Updated 8 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool ☆100 Oct 18, 2025 Updated 4 months ago
- ForsHops ☆152 Mar 25, 2025 Updated 11 months ago
- Enable EFS service as low priv user (PE & BOF) ☆21 Jul 6, 2025 Updated 7 months ago