aaaddress1 / masqueradeCmdline Public

Notifications You must be signed in to change notification settings
Fork 15
Star 37

A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.

37 stars 15 forks Branches Tags Activity

Notifications

Name		Name	Last commit message	Last commit date
Latest commit History 6 Commits
masqueradeCmdline		masqueradeCmdline
Demo.png		Demo.png
README.md		README.md
masqueradeCmdline.sln		masqueradeCmdline.sln

Repository files navigation

masqueradeCmdline

masquerade cmdline of the child process to bypass Anti-Virus or EDR (C++)

About

A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.

windows redteam redteam-tools

Report repository

Releases 1

mqCmdline Tool Latest

Packages

No packages published

Languages

C++ 100.0%