Stars
Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and Hijack…
Phantom Tap (PhanTap) - an ‘invisible’ network tap aimed at red teams
Dockerized Signal Messenger REST API
Reflective DLL loading of your favorite Golang program
A method of bypassing EDR's active projection DLLs by preventing entry point execution
A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF)
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
A very proof-of-concept port of InlineWhispers for using syscalls in Nim projects.
AV/EDR evasion via direct system calls.
My experiments in weaponizing Nim (https://nim-lang.org/)
Great explanation of Process Hollowing (a technique often used in malware)
Shellcode wrapper with encryption for multiple target languages