Cobalt Strike
A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
PoC for a sleep obfuscation technique leveraging waitable timers to evade memory scanners.
A BOF to determine Windows Defender exclusions.
Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
Execute unmanaged Windows executables in CobaltStrike Beacons
A PoC implementation for dynamically masking call stacks with timers.
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released at BSides Cymru 2023.
Basic implementation of Cobalt Strike's User Defined Reflective Loader feature
Improved version of EKKO by @5pider that Encrypts only Image Sections
Code snippets to add on top of the Cobalt Strike sleepmask kit so that Ekko can work in a CFG protected process
A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code
A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge years ago.
A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.
old postex for grabbing a krbtgs for my current user
CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking
Example of using Sleep to create better named pipes.