0xflux / Rust-Hells-GateLinks
Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
☆55Updated last year
Alternatives and similar repositories for Rust-Hells-Gate
Users that are interested in Rust-Hells-Gate are comparing it to the libraries listed below
Sorting:
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆145Updated 7 months ago
- A runas implementation with extra features in Rust☆41Updated last month
- Dynamically invoke arbitrary code and use various tricks written idiomatically in Rust (Dinvoke)☆77Updated this week
- A COFF Loader written in Rust☆100Updated 3 weeks ago
- A reflective DLL development template for the Rust programming language☆87Updated 2 weeks ago
- Rust For Windows Cheatsheet☆120Updated 7 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆77Updated 3 months ago
- Template-based generation of shellcode loaders☆77Updated last year
- DLL proxying for lazy people☆159Updated 6 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆63Updated last month
- Inject a shellcode in a remote process using Process Hollowing.☆50Updated 3 years ago
- 64-bit, position-independent implant template for Windows in Rust.☆130Updated last month
- Call Stack Spoofing for Rust☆161Updated last week
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 10 months ago
- Host CLR and run .NET binaries using Rust☆107Updated last month
- A Rust crate to parse user-mode minidump files generated on Windows☆14Updated last month
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆84Updated 2 years ago
- "Service-less" driver loading☆155Updated 6 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆72Updated last year
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- Select any exported function in a dll as the new dll's entry point.☆79Updated 7 months ago
- ☆190Updated last year
- Shellcode loader that executes embedded Lua from Rust.☆113Updated 5 months ago
- random code snippets, useful for getting started☆120Updated 6 months ago
- Early Bird APC Injection in Rust☆57Updated 7 months ago
- remote process injections using pool party techniques☆60Updated 3 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆58Updated 6 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆55Updated 2 months ago
- Command & Control server and agent written in Rust☆36Updated 2 years ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface☆69Updated last month