zimnyaa / xyrellaLinks
PoC XLL builder in Python/Nim
☆46Updated 2 years ago
Alternatives and similar repositories for xyrella
Users that are interested in xyrella are comparing it to the libraries listed below
Sorting:
- ☆47Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated last year
- Python module for running BOFs☆72Updated 2 years ago
- Sleep obfuscation for shellcode implants and their reflective shit☆51Updated last year
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆86Updated 2 years ago
- BOF for C2 framework☆41Updated 8 months ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Updated last year
- Lateral Movement via the .NET Profiler☆82Updated 8 months ago
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated 2 years ago
- A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.☆69Updated 6 months ago
- Lockless BOF☆75Updated 3 months ago
- A care package of useful bofs for red team engagments☆55Updated 7 months ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆20Updated last year
- Click Once + App Domain☆62Updated last year
- macOS dylib stager☆35Updated 6 months ago
- malware written for educational purposes☆66Updated 8 months ago
- Rewrite to fit my needs☆30Updated last year
- Determine if the WebClient Service (WebDAV) is running on a remote system☆19Updated last year
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆66Updated 6 months ago
- Cortex EDR Ransomware protection Bypass☆25Updated 5 months ago
- ShellcodeFluctuation PoC ported to Nim☆78Updated 2 years ago
- Proxy function calls through the thread pool with ease☆28Updated 5 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 6 months ago
- D/Invoke implementation in Nim☆101Updated 3 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆53Updated 3 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆51Updated last year
- Beacon Object Files (not Buffer Overflows)☆56Updated 2 years ago