AceLdr is a position-independent reflective loader for Cobalt Strike. Zero results from Hunt-Sleeping-Beacons, BeaconHunter, BeaconEye, Patriot, Moneta, PE-sieve, or MalMemDetect.
Import a single CNA script before generating shellcode.
Creates a new heap for any allocations from Beacon and encrypts entries before sleep.
Changes the memory containing CS executable code to non-executable and encrypts it (FOLIAGE).
Certain WinAPI calls are executed with a spoofed return address (InternetConnectA, NtWaitForSingleObject, RtlAllocateHeap).
Delayed execution using WaitForSingleObjectEx.
All encryption performed with SystemFunction032.
ROADTools is a powerful framework designed for exploring and interacting with Microsoft Azure Active Directory…
Microsoft 365 Groups (also known as M365 Groups or Unified Groups) are at the heart…
SeamlessPass is a specialized tool designed to leverage on-premises Active Directory Kerberos tickets to obtain…
PPLBlade is a powerful Protected Process Dumper designed to capture memory from target processes, hide…
HikPwn: Comprehensive Guide to Scanning Hikvision Devices for Vulnerabilities If you’re searching for an efficient…
What Are Bash Comments? Comments in Bash scripts, are notes in your code that the…