whereami
Environment extractor
A tool that extracts environment variables from a process without touching system DLLs using hand-crafted shellcode
Cobalt Strike Beacon Object File (BOF) that uses handwritten shellcode to return the process Environment strings without touching any DLLs.
160 stars
4 watching
28 forks
Language: C
Last commit: over 1 year ago

Related projects:
Repository | Description | Stars |
---|---|---|
boku7/hollow | A tool that enables remote process shellcode execution using the Early Bird injection technique | 266 |
outflanknl/findobjects-bof | An exploit tool that uses direct system calls to enumerate processes based on specific loaded modules or process handles | 266 |
encodegroup/bof-regsave | Creates a tool to extract registry keys from Windows systems using a Beacon Object File | 186 |
boku7/spawn | A Cobalt Strike Beacon tool that spawns a sacrificial process to execute shellcode, using techniques like Arbitrary Code Guard and PPID spoofing to evade detection. | 429 |
boku7/halosgate-ps | A Cobalt Strike Beacon Object File (BOF) that uses custom syscaller code to make direct system calls to retrieve process information on the target system. | 94 |
bromiumlabs/packerattacker | An application designed to detect and extract hidden code from malicious Windows executables. | 268 |
vsec7/burpsuite-xkeys | An extension for Burp Suite to identify and extract interesting strings from web pages | 251 |
boku7/injectetwbypass | A tool to bypass the ETW (Event Tracing for Windows) security measure in remote processes by injecting a custom syscall | 277 |
cobalt-strike/bof-vs | A Beacon Object File Visual Studio template project for creating malicious code executables | 138 |
cocacola-lab/chatie | A framework for extracting information from unannotated text using large language models | 789 |
anof-cyber/paraforge | An extension for Burp Suite to extract parameters and endpoints from requests to create custom wordlists for testing | 140 |
boku7/xpipe | This tool lists active Windows pipes and returns their owners and DACL permissions | 75 |
xlab-steampunk/ansible-doc-extractor | A tool to extract and format documentation from Ansible modules. | 16 |
cobalt-strike/unhook-bof | Removes API hooks from a malicious process | 54 |
vvvvalvalval/scope-capture | A Clojure library that captures and restores the local environment of a piece of code to simplify debugging | 576 |