0xflux/Rust-Hells-Gate external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

0xflux/Rust-Hells-Gate

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/0xflux/Rust-Hells-Gate)

Close

0xflux / Rust-Hells-GateView on GitHubMore

• External links
• Readme badge

Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust

☆86Jun 4, 2024Updated last year

Alternatives and similar repositories for Rust-Hells-Gate

Users that are interested in Rust-Hells-Gate are comparing it to the libraries listed below

• Teach2Breach / rust_api_demo

  View on GitHub
  various methods of making API calls
  ☆19Feb 1, 2025Updated last year
• buldansec / EnableEFS

  View on GitHub
  Enable EFS service as low priv user (PE & BOF)
  ☆21Jul 6, 2025Updated 7 months ago
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• affix / rusty-hollow

  View on GitHub
  Unix Process hollowing in rust
  ☆22Dec 16, 2024Updated last year
• 0xflux / ETW-Bypass-Rust

  View on GitHub
  Event Tracing for Windows EDR bypass in Rust (usermode)
  ☆39Jun 9, 2024Updated last year
• b1-team / phantom

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆17Aug 14, 2023Updated 2 years ago
• ANYLNK / NSecSoftBYOVD

  View on GitHub
  NSecSoftBYOVD POC
  ☆57Feb 12, 2026Updated 2 weeks ago
• safedv / RustVEHSyscalls

  View on GitHub
  A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.
  ☆161Oct 31, 2024Updated last year
• melotic / nanostorm

  View on GitHub
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆21Dec 15, 2024Updated last year
• 0xflux / Vectored-Exception-Handling-Squared

  View on GitHub
  Vectored Exception Handling Squared
  ☆29Dec 27, 2025Updated 2 months ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆210Jan 28, 2026Updated last month
• 0xflux / Sanctum

  View on GitHub
  Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv…
  ☆515Feb 15, 2026Updated 2 weeks ago
• aniko33 / AlcatrazLdr

  View on GitHub
  Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection
  ☆10Feb 26, 2025Updated last year
• JayGLXR / NomadLoader

  View on GitHub
  An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…
  ☆65Mar 1, 2025Updated last year
• b1-team / dll-hijack

  View on GitHub
  Dll hijack -- just one macro
  ☆12Jul 3, 2023Updated 2 years ago
• janoglezcampos / rust_syscalls

  View on GitHub
  Single stub direct and indirect syscalling with runtime SSN resolving for windows.
  ☆233Mar 23, 2023Updated 2 years ago
• joaoviictorti / rustbof

  View on GitHub
  A Rust template for writing Beacon Object Files (BOFs)
  ☆100Feb 11, 2026Updated 2 weeks ago
• trickster0 / NamelessC2

  View on GitHub
  Nameless C2 - A C2 with all its components written in Rust
  ☆283Sep 26, 2024Updated last year
• EduContin / hidden-vnc

  View on GitHub
  HVNC PoC (Hidden VNC) in Rust
  ☆40Sep 2, 2025Updated 6 months ago
• Nariod / RustPacker

  View on GitHub
  Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.
  ☆318Jun 24, 2025Updated 8 months ago
• safedv / Rustic64

  View on GitHub
  64-bit, position-independent implant template for Windows in Rust.
  ☆173Nov 28, 2025Updated 3 months ago
• MythicAgents / arachne

  View on GitHub
  Webshell agent in aspx and php
  ☆28Dec 11, 2025Updated 2 months ago
• tehstoni / RustyDumper

  View on GitHub
  Process dumper wrote in rust.
  ☆14Sep 16, 2024Updated last year
• Teach2Breach / snapinject_rs

  View on GitHub
  A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …
  ☆50Jan 25, 2025Updated last year
• Azr43lKn1ght / Rusty-PE-Packer

  View on GitHub
  A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.
  ☆42Jan 9, 2025Updated last year
• Teach2Breach / nt_unhooker

  View on GitHub
  demo unhooking functions in ntdll
  ☆28Jul 15, 2025Updated 7 months ago
• Cracked5pider / kaine-assembly

  View on GitHub
  a demo module for the kaine agent to execute and inject assembly modules
  ☆41Aug 28, 2024Updated last year
• trickster0 / EDR_Detector

  View on GitHub
  EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.
  ☆94Nov 5, 2021Updated 4 years ago
• xRedCodex / BofArsenal

  View on GitHub
  The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23
  ☆23Jun 19, 2025Updated 8 months ago
• tianlusec / TL-NodeJsShell

  View on GitHub
  TL-NodeJsShell 是一个为安全专业人员和渗透测试人员设计的综合性 WebShell 管理平台。它提供了一个现代化的 Web 界面，用于管理基于 Node.js 的 Shell，具有内存马注入、命令执行、文件管理和代理支持等高级功能。
  ☆80Dec 12, 2025Updated 2 months ago
• joaoviictorti / rustclr

  View on GitHub
  Host CLR and run .NET binaries using Rust
  ☆151Dec 23, 2025Updated 2 months ago
• 0xTriboulet / rdll-rs

  View on GitHub
  A reflective DLL development template for the Rust programming language
  ☆114Nov 4, 2025Updated 3 months ago
• Whitecat18 / PE-Analyzer.rs

  View on GitHub
  Simple Project that Extracts PE Information.
  ☆21Apr 4, 2025Updated 10 months ago
• xiao-zhu-zhu / RustBypassMap

  View on GitHub
  rust 免杀，方法记录 - 偶尔更新
  ☆92Apr 25, 2024Updated last year
• Whitecat18 / earlycascade-injection

  View on GitHub
  Early cascade injection PoC based on Outflanks blog post written in Rust
  ☆68Dec 26, 2025Updated 2 months ago
• KingOfTheNOPs / Get-NetNTLM

  View on GitHub
  Internal Monologue BOF
  ☆79Dec 28, 2024Updated last year
• ghost-ng / slinger

  View on GitHub
  An impacket-lite cli tool that combines many useful impacket functions using a single session.
  ☆57Jan 14, 2026Updated last month
• safedv / RustPotato

  View on GitHub
  A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…
  ☆354Apr 26, 2025Updated 10 months ago
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆35Jan 20, 2025Updated last year