kapiushion

kapiushion

5 followers · 0 following

Starred repositories

24 results for sponsorable starred repositories written in C++

Clear filter

deskflow / deskflow

Share a single keyboard and mouse between multiple computers.

C++ 21,326 4,268 Updated Nov 7, 2025

horsicq / DIE-engine

DIE engine

C++ 2,848 363 Updated Nov 6, 2025

mgeeky / ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

C++ 1,170 190 Updated Jun 17, 2022

mgeeky / ShellcodeFluctuation

An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents

C++ 1,062 161 Updated Jun 17, 2022

klezVirus / SilentMoonwalk

PoC Implementation of a fully dynamic call stack spoofer

C++ 845 104 Updated Jul 20, 2024

XaFF-XaFF / Black-Angel-Rootkit

Black Angel is a Windows 11/10 x64 kernel mode rootkit. Rootkit can be loaded with enabled DSE while maintaining its full functionality.

C++ 643 111 Updated Nov 9, 2023

Kudaes / Elevator

UAC bypass by abusing RPC and debug objects.

C++ 628 70 Updated Oct 19, 2023

tijme / dittobytes

Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.

C++ 551 59 Updated Sep 9, 2025

d1rkmtrr / Shellcode-Hide

This repo contains : simple shellcode Loader , Encoders (base64 - custom - UUID - IPv4 - MAC), Encryptors (AES), Fileless Loader (Winhttp, socket)

C++ 431 108 Updated Aug 2, 2023

mgeeky / UnhookMe

UnhookMe is an universal Windows API resolver & unhooker addressing problem of invoking unmonitored system calls from within of your Red Teams malware

C++ 349 49 Updated Jul 3, 2022

d1rkmtrr / UnhookingPatch

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

C++ 311 52 Updated Aug 2, 2023

MrAle98 / CVE-2024-49138-POC

POC exploit for CVE-2024-49138

C++ 262 60 Updated Feb 14, 2025

ricardojoserf / NativeBypassCredGuard

Bypass Credential Guard by patching WDigest.dll using only NTAPI functions

C++ 258 32 Updated Apr 8, 2025

d1rkmtrr / dark-kill

A user-mode code and its rootkit that will Kill EDR Processes permanently by leveraging the power of Process Creation Blocking Kernel Callback Routine registering and ZwTerminateProcess.

C++ 238 50 Updated Jun 10, 2025

Cracked5pider / earlycascade-injection

early cascade injection PoC based on Outflanks blog post

C++ 232 31 Updated Nov 7, 2024

fin3ss3g0d / StoneKeeper

StoneKeeper C2, an experimental EDR evasion framework for research purposes

C++ 207 20 Updated Dec 25, 2024

d1rkmtrr / D1rkInject

Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, and reverting back memory protections and original memory state

C++ 180 34 Updated Aug 2, 2023

xaitax / NTSleuth

Comprehensive Windows Syscall Extraction & Analysis Framework

C++ 150 26 Updated Aug 30, 2025

rasta-mouse / SpawnWith

C++ 109 18 Updated Feb 17, 2025

rasta-mouse / SCMUACBypass

C++ 100 18 Updated Sep 5, 2023

ricardojoserf / NativeTokenImpersonate

Impersonate Tokens using only NTAPI functions

C++ 80 20 Updated Apr 4, 2025

fin3ss3g0d / IoDllProxyLoad

DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly

C++ 62 12 Updated Mar 19, 2024

k4yt3x / InstantSuspend

Instantly suspend processes to bypass kernel driver protections.

C++ 21 4 Updated Dec 10, 2024

p0dalirius / FindStringInRegistry

A simple C++ Windows program search for a string in all the registry hives.

C++ 3 1 Updated Apr 1, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly