yo-yo-yo-jbo / commandline_spoofing
Commandline spoofing on Windows
☆93 · Nov 25, 2025 · Updated 2 months ago
Alternatives and similar repositories for commandline_spoofing
Users that are interested in commandline_spoofing are comparing it to the libraries listed below
- Vectored Exception Handling Squared ☆29 · Dec 27, 2025 · Updated last month
- A small experiment on assigning a process's threads a specific CPU and then blocking it with a high priority thread ☆30 · Sep 24, 2025 · Updated 4 months ago
- A bunch of shenanigans using functions, VEH and more ☆37 · Jun 8, 2025 · Updated 8 months ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does ☆94 · Jul 3, 2025 · Updated 7 months ago
- ☆11 · Feb 12, 2023 · Updated 3 years ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. ☆22 · Dec 31, 2025 · Updated last month
- ☆14 · Dec 26, 2024 · Updated last year
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme. ☆16 · Jul 15, 2025 · Updated 6 months ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies ☆50 · Jul 6, 2025 · Updated 7 months ago
- use python on windows with full submodule support without installation ☆30 · Jan 23, 2025 · Updated last year
- BOF to decrypt Signal Desktop chat logs ☆72 · Feb 20, 2025 · Updated 11 months ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23 ☆23 · Jun 19, 2025 · Updated 7 months ago
- A small How-To on creating your own weaponized WSL file ☆119 · Jul 23, 2025 · Updated 6 months ago
- Convert your shellcode into an ASCII string ☆127 · Jun 27, 2025 · Updated 7 months ago
- A portable C# utility for enumerating local and remote windows sessions ☆55 · Jan 1, 2026 · Updated last month
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system ☆40 · Oct 30, 2024 · Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC). ☆116 · Jan 20, 2025 · Updated last year
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral movements, p… ☆196 · Dec 30, 2025 · Updated last month
- RPC to WebClient startup ☆55 · Aug 19, 2025 · Updated 5 months ago
- Arsenal of modules to beacon postex ☆94 · Nov 30, 2025 · Updated 2 months ago
- Random BOFs for LDAP tradecraft ☆72 · Sep 9, 2025 · Updated 5 months ago
- Utilizing an MCP Server to communicate with your C2 ☆86 · May 15, 2025 · Updated 8 months ago
- collection of blogs about malware development and analysis ☆64 · Dec 2, 2025 · Updated 2 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability ☆24 · Feb 5, 2025 · Updated last year
- Cobalt Strike BOF for beacon/shellcode injection using fork & run technique with Draugr synthetic stack frames ☆150 · Nov 23, 2025 · Updated 2 months ago
- RProxy LAB is intended solely for educational purposes and authorized security testing with EvilGinx / Modlishka / EvilPuppet e.t.c tools ☆48 · Dec 14, 2025 · Updated 2 months ago
- shell code example ☆67 · Dec 12, 2025 · Updated 2 months ago
- Lateral movement with DCOM DLL hijacking ☆176 · Jul 4, 2025 · Updated 7 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆209 · Nov 12, 2025 · Updated 3 months ago
- A Mythic agent for Windows written in C ☆156 · Feb 7, 2026 · Updated last week
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆45 · Sep 25, 2024 · Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel. ☆38 · Aug 5, 2025 · Updated 6 months ago
- Crystal Palace library for proxying Nt API calls via the Threadpool ☆97 · Oct 18, 2025 · Updated 3 months ago
- Attacking the cleanup_module function of a kernel module ☆56 · Jun 30, 2025 · Updated 7 months ago
- ForsHops ☆152 · Mar 25, 2025 · Updated 10 months ago
- Enable EFS service as low priv user (PE & BOF) ☆21 · Jul 6, 2025 · Updated 7 months ago
- Passive JavaScript reconnaissance for penetration testers — bridging Burp Suite traffic into structured, AST-based analysis in VSCode. ☆35 · Feb 5, 2026 · Updated last week
- A REALLY Danger Windows Driver, Turn Any threads Ring0! ☆13 · Aug 11, 2025 · Updated 6 months ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library ☆24 · Nov 13, 2025 · Updated 3 months ago