0x4d5a-ctf / 38c3_com_talk
Slides for COM Hijacking AV/EDR Talk on 38c3
☆71Updated last month
Alternatives and similar repositories for 38c3_com_talk:
Users that are interested in 38c3_com_talk are comparing it to the libraries listed below
- ☆60Updated 8 months ago
- ☆84Updated 6 months ago
- "Service-less" driver loading☆148Updated 2 months ago
- Execute dotnet app from unmanaged process☆70Updated last month
- CVE-2024-30090 - LPE PoC☆103Updated 4 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆54Updated last month
- ☆94Updated last month
- BOF with Synthetic Stackframe☆108Updated 3 weeks ago
- A collection of position independent coding resources☆67Updated this week
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆93Updated 10 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆50Updated 3 months ago
- stack spoofing☆80Updated 3 months ago
- ☆97Updated last year
- ☆51Updated last month
- Find DLLs with RWX section☆76Updated last year
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- 32bit MIPS I VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆111Updated 2 months ago
- TypeLib persistence technique☆107Updated 3 months ago
- A more reliable way of resolving syscall numbers in Windows☆48Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 6 months ago
- Section-based payload obfuscation technique for x64☆59Updated 6 months ago
- A C++ PoC implementation for enumerating Windows Fibers directly from memory☆17Updated 9 months ago
- ☆29Updated 2 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆110Updated 4 months ago
- A set of programs for analyzing common vulnerabilities in COM☆193Updated 5 months ago
- ☆120Updated last year