5 个仓库
Security tools that operate exclusively in volatile memory to minimize forensic footprints.
Distinct from Volatile Memory Processing: Distinct from Volatile Memory Processing: focuses on the execution model of the tool itself rather than general data handling practices.
Explore 5 awesome GitHub repositories matching security & cryptography · Memory-Only Execution. Refine with filters or upvote what's useful.
PEASS-ng is an automated penetration testing framework designed to identify privilege escalation vectors on local systems. It functions as a security assessment utility that scans environments for misconfigurations, sensitive files, and insecure permissions to uncover paths for unauthorized privilege elevation. The project distinguishes itself through a modular script-based enumeration engine that adapts to the target environment. It utilizes environment-aware capability detection and cross-platform shell abstraction to normalize data collection across diverse operating systems, while operati
Operates primarily within volatile memory to avoid leaving permanent traces on the target system.
PowerSploit is a collection of PowerShell modules designed for security assessment, penetration testing, and red team operations. It provides a framework for auditing Windows system configurations and evaluating the effectiveness of security defenses within an enterprise environment. The framework focuses on techniques that leverage native system administration tools and scripting environments to perform operations. It includes capabilities for executing arbitrary commands, escalating user privileges, and maintaining system persistence through event subscriptions. By utilizing in-memory execu
Executes malicious payloads entirely within volatile memory to minimize forensic footprints on storage.
Sliver is a command and control framework designed for adversary emulation and security assessment operations. It provides a centralized platform for managing remote systems, enabling security professionals to coordinate multi-operator sessions and maintain persistent, secure communication channels across diverse network environments. The framework distinguishes itself through its focus on stealth and infrastructure flexibility. It utilizes dynamic payload obfuscation to generate unique binaries and supports in-memory execution to minimize disk artifacts. Communication is secured through mutu
Supports in-memory execution of payloads to minimize disk artifacts and evade forensic detection.
Nishang is a PowerShell-based offensive security framework designed for red teaming and penetration testing on Windows targets. It functions as a post-exploitation toolkit and payload generator to automate attacks and manage remote targets. The project provides specialized capabilities for bypassing security controls, such as disabling the Antimalware Scan Interface and employing in-memory execution to avoid disk-based detection. It includes a variety of stealthy command and control mechanisms, utilizing non-standard channels like DNS TXT records, ICMP traffic, and webmail for communication a
Executes scripts or shellcode exclusively in volatile memory to minimize the forensic footprint on disk.
Phantom-Evasion is a security research framework designed for generating obfuscated payloads and automating post-exploitation tasks during authorized security assessments. It provides a suite of utilities for creating custom executables and libraries intended to test the effectiveness of antivirus and endpoint security detection systems. The framework distinguishes itself through a focus on memory-resident operations, allowing for the execution of encrypted binaries and shellcode directly within system memory. By utilizing techniques such as junk code injection, payload encryption, and remote
Provides a framework for fetching and loading encrypted binaries directly into system memory to avoid writing files to the local disk.