0xcf80 / ShellCodeLoader_Indirect_SyscallsLinks
Shellcode Loader using indirect syscalls
☆16Updated last year
Alternatives and similar repositories for ShellCodeLoader_Indirect_Syscalls
Users that are interested in ShellCodeLoader_Indirect_Syscalls are comparing it to the libraries listed below
Sorting:
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆59Updated 4 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Updated last month
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 8 months ago
- I have documented all of the AMSI patches that I learned till now☆73Updated 6 months ago
- BadExclusionsNWBO is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR☆75Updated last year
- Less sugar (entropy) for your binaries☆34Updated 3 weeks ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆62Updated last year
- Modern PIC implant for Windows (64 & 32 bit)☆104Updated 2 months ago
- ☆53Updated last week
- ☆37Updated 2 years ago
- ☆80Updated last year
- ☆29Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 11 months ago
- Beacon Debugger☆55Updated 11 months ago
- ☆50Updated 2 months ago
- ☆32Updated 6 months ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆41Updated 2 years ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆54Updated 3 months ago
- ☆100Updated 2 years ago
- Tool to bypass LSA Protection (aka Protected Process Light)☆58Updated 9 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆52Updated 4 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆26Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆80Updated 5 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 5 months ago
- Bypassing Amsi using LdrLoadDll☆46Updated 8 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated 2 years ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 8 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆34Updated 3 weeks ago
- ☆29Updated 8 months ago