zimawhit3 / DynimicGhostWritingLinks
Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
☆29Updated 3 years ago
Alternatives and similar repositories for DynimicGhostWriting
Users that are interested in DynimicGhostWriting are comparing it to the libraries listed below
Sorting:
- ☆43Updated last year
- ☆30Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago
- all credits go to @mgeeky☆64Updated 3 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆82Updated 3 years ago
- Cobalt Strike beacon object file that allows you to query and make changes to the Windows Registry☆27Updated 4 years ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆58Updated last year
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago
- Sleep Obfuscation☆45Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆55Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆22Updated last year
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆40Updated 2 years ago
- One gate to all syscalls!☆23Updated 3 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Halos Gate-based NTAPI Unhooker☆52Updated 3 years ago
- Unchain AMSI by patching the provider’s unmonitored memory space☆90Updated 2 years ago
- A VSCode plugin to assist with BOF development.☆37Updated 11 months ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆86Updated 3 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆81Updated 3 years ago
- Cobalt Strike BOF for quser.exe implementation using Windows API☆86Updated 2 years ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆61Updated 2 years ago
- ☆56Updated last year
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Dump Citrix Secure Access auth cookie from the process memory☆76Updated 3 years ago
- My implementation of Halo's Gate technique in C#☆54Updated 3 years ago
- A simple BOF implementation of klist using Windows API☆32Updated 3 years ago
- LoadLibrary for offensive operations☆33Updated 3 years ago
- A simplified version of DotNetToJScript to create a JScript file which loads a .NET v2 assembly from memory.☆47Updated 4 years ago
- ☆36Updated last year