Pinned Repositories
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
ADPT
DLL proxying for lazy people
Aggressor-NTFY
Cobalt Strike notifications via NTFY.
Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
AlternativeShellcodeExec
Alternative Shellcode Execution Via Callbacks
AM0N-Eye
arsenal-rs
Rusty Process Injection / Post-Exploitation Techniques
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
avred
Analyse your malware to chirurgicaly obfuscate it
avred-server
an0x03e8's Repositories
an0x03e8/c_syscalls
Single stub direct and indirect syscalling with runtime SSN resolving for windows.
an0x03e8/BOF-CobaltStrike
Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.
an0x03e8/CallStackSpoofer
A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)
an0x03e8/CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
an0x03e8/COFFLoader2
Load and execute COFF files and Cobalt Strike BOFs in-memory
an0x03e8/cThreadHijack
Beacon Object File (BOF) for remote process injection via thread hijacking
an0x03e8/DarkLoadLibrary
LoadLibrary for offensive operations
an0x03e8/DInvoke
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
an0x03e8/DLLoader
an0x03e8/DripLoader
Evasive shellcode loader for bypassing event-based injection detection (PoC)
an0x03e8/freeBokuLoader
A simple BOF that frees UDRLs
an0x03e8/grugq.github.com
Hacker OPSEC
an0x03e8/inceptor
Template-Driven AV/EDR Evasion Framework
an0x03e8/KaynLdr
KaynLdr is a Reflective Loader written in C/ASM
an0x03e8/Koppeling
Adaptive DLL hijacking / dynamic export forwarding
an0x03e8/KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
an0x03e8/link
link is a command and control framework written in rust
an0x03e8/Nimcrypt2
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
an0x03e8/NINA
NINA: No Injection, No Allocation x64 Process Injection Technique
an0x03e8/Ninja_UUID_Runner
Module Stomping, No New Thread, HellsGate syscaller, UUID Shellcode Runner for x64 Windows 10!
an0x03e8/rust-windows-shellcode
Windows shellcode development in Rust
an0x03e8/RustyProcessInjectors
Just some Rust process injector POCs, nothing weird.
an0x03e8/ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
an0x03e8/ShellcodeStdio
An extensible framework for easily writing compiler optimized position independent x86 / x64 shellcode for windows platforms.
an0x03e8/STFUEDR
Silence EDRs by removing kernel callbacks
an0x03e8/TikiTorch
Process Injection
an0x03e8/Visual-Studio-BOF-template
A Visual Studio template used to create Cobalt Strike BOFs
an0x03e8/WFH