Added ThreadStackSpoofer
This commit is contained in:
Mariusz B. / mgeeky
parent
82258ffdf0
commit
e1bf705615
|
|
@ -58,3 +58,6 @@
|
||||||
[submodule "red-teaming/ElusiveMice"]
|
[submodule "red-teaming/ElusiveMice"]
|
||||||
path = red-teaming/ElusiveMice
|
path = red-teaming/ElusiveMice
|
||||||
url = https://github.com/mgeeky/ElusiveMice
|
url = https://github.com/mgeeky/ElusiveMice
|
||||||
|
[submodule "windows/ThreadStackSpoofer"]
|
||||||
|
path = windows/ThreadStackSpoofer
|
||||||
|
url = https://github.com/mgeeky/ThreadStackSpoofer
|
||||||
|
|
|
||||||
|
|
@ -102,6 +102,8 @@ PS> python3 rdpFileUpload.py -v -f certutil README.md
|
||||||
|
|
||||||
- **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams.
|
- **`Simulate-DNSTunnel.ps1`** - Performs DNS Tunnelling simulation for purpose of triggering installed Network IPS and IDS systems, generating SIEM offenses and picking up Blue Teams.
|
||||||
|
|
||||||
|
- **`ThreadStackSpoofer`** - A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory.
|
||||||
|
|
||||||
- **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts.
|
- **`UnhookMe`** - Dynamically unhooking imports resolver. Implementation of dynamic imports resolver that would be capable of unhooking used functions in-the-fly is yet another step towards strengthening adversary resilience efforts.
|
||||||
|
|
||||||
```
|
```
|
||||||
|
|
|
||||||
|
|
@ -0,0 +1 @@
|
||||||
|
Subproject commit d25cef0ff5eba07a26b5be4f6999b76167081e2f
|
||||||
Loading…
Reference in New Issue