C/cpp
Firefox webInjector capable of injecting code into web pages using a mitmproxy.
Classic Process Injection but with direct syscalls
Tool to bypass LSA Protection (aka Protected Process Light)
Used to copy a file from an NTFS-partitioned volume by reading the raw volume and parsing the NTFS structures.
Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.
LSASS memory dumper using direct system calls and API unhooking.
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
Thread Stack Spoofing - PoC for an advanced in-memory evasion technique that better hides injected shellcode's memory allocation from scanners and analysts.
A protective and low-level shellcode loader that defeats modern EDR systems.
A modern 32/64-bit position independent implant template
PoC Implementation of a fully dynamic call stack spoofer
A BOF to determine Windows Defender exclusions.
Original C Implementation of the Hell's Gate VX Technique
OffensivePH - uses an old Process Hacker driver to bypass several user-mode access controls
Experimental Windows .text section Patch Detector
Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting
Infect Shared Files In Memory for Lateral Movement
A PoC for the new injection technique, abusing the Windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass…
A fake AMSI Provider which can be used for persistence.
Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
Executes shellcode from a remote server and aims to evade in-memory scanners
Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds!
Alternative Shellcode Execution Via Callbacks
CobaltWhispers is an Aggressor script that utilizes a collection of Beacon Object Files (BOFs) for Cobalt Strike to perform process injection, persistence and more, leveraging direct syscalls (SysWh…
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!