Malware As A Service
☆138Feb 26, 2024Updated 2 years ago
Alternatives and similar repositories for MAAS
Users that are interested in MAAS are comparing it to the libraries listed below
Sorting:
- ☆246Dec 16, 2022Updated 3 years ago
- Modified versions of the Cobalt Strike Process Injection Kit☆106Jan 24, 2024Updated 2 years ago
- Spoofing desktop login applications with WinForms and WPF☆177Feb 19, 2024Updated 2 years ago
- a tool to help operate in EDRs' blind spots☆767Dec 2, 2024Updated last year
- Retired TrustedSec Capabilities☆248Jan 5, 2026Updated last month
- PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.☆568Jan 20, 2026Updated last month
- A beacon object file implementation of PoolParty Process Injection Technique.☆434Dec 21, 2023Updated 2 years ago
- Ntdll Unhooking POC☆19Aug 12, 2022Updated 3 years ago
- Read the contents of MS Word Documents using Cobalt Strike's Execute-Assembly☆117Sep 30, 2024Updated last year
- GregsBestFriend process injection code created from the White Knight Labs Offensive Development course☆204Jun 23, 2023Updated 2 years ago
- Abusing Azure services over C2☆368Jan 20, 2026Updated last month
- ☆129Jun 28, 2023Updated 2 years ago
- ☆162Mar 27, 2023Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- ☆83Nov 1, 2023Updated 2 years ago
- Koppeling x Metatwin x LazySign☆216Aug 26, 2021Updated 4 years ago
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.☆614Jan 2, 2025Updated last year
- ☆211Nov 28, 2023Updated 2 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆330Jul 15, 2024Updated last year
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆701May 7, 2025Updated 9 months ago
- A BOF that runs unmanaged PEs inline☆681Oct 23, 2024Updated last year
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- Lifetime AMSI bypass☆672Sep 26, 2023Updated 2 years ago
- ☆341Nov 10, 2025Updated 3 months ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- ☆126Sep 1, 2024Updated last year
- Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types☆412Mar 21, 2025Updated 11 months ago
- Microsoft Graph API post-exploitation toolkit☆95Jul 13, 2024Updated last year
- string encryption in Nim☆20Jun 15, 2024Updated last year
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆539May 9, 2025Updated 9 months ago
- Hide shellcode by shuffling bytes into a random array and reconstruct at runtime☆203Mar 26, 2025Updated 11 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆776Jan 26, 2026Updated last month
- A C# project that builds a Web Application which redirects all HTTPS☆26Feb 11, 2025Updated last year
- EDR Lab for Experimentation Purposes☆1,413Feb 25, 2026Updated last week
- ☆231Jun 10, 2025Updated 8 months ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆283Jun 15, 2024Updated last year
- kill anti-malware protected processes ( BYOVD )☆968Jul 21, 2023Updated 2 years ago