0xflux / Rust-Hells-GateLinks
Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
☆69Updated last year
Alternatives and similar repositories for Rust-Hells-Gate
Users that are interested in Rust-Hells-Gate are comparing it to the libraries listed below
Sorting:
- Some Rust program I wrote while learning Malware Development☆147Updated 8 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆155Updated 11 months ago
- A runas implementation with extra features in Rust☆48Updated last month
- Memory Obfuscation in Rust☆254Updated last month
- DLL proxying for lazy people☆190Updated last month
- Rust For Windows Cheatsheet☆121Updated 11 months ago
- Shellcode loader that executes embedded Lua from Rust.☆126Updated 9 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆143Updated 5 months ago
- Early Bird APC Injection in Rust☆62Updated 11 months ago
- A reflective DLL development template for the Rust programming language☆108Updated 4 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆225Updated 7 months ago
- Host CLR and run .NET binaries using Rust☆133Updated last week
- A COFF Loader written in Rust☆125Updated 3 weeks ago
- Using fibers to run in-memory code.☆220Updated last year
- Activation Context Hijack☆169Updated 2 months ago
- Payload encoding utility to effectively lower payload entropy.☆120Updated 5 months ago
- A pointer encryption library intended for Red Team implant design in Rust.☆31Updated this week
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- Call Stack Spoofing for Rust☆192Updated this week
- Linker for Beacon Object Files☆127Updated last week
- ☆197Updated last year
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆233Updated 3 weeks ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆100Updated 7 months ago
- Dynamically invoke arbitrary code in Rust (Dinvoke)☆93Updated last week
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆272Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- Shellcode loader designed for evasion. Coded in Rust.☆133Updated 2 years ago
- Template-based generation of shellcode loaders☆79Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆80Updated 5 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆200Updated 4 months ago