Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
☆88Jun 4, 2024Updated last year
Alternatives and similar repositories for Rust-Hells-Gate
Users that are interested in Rust-Hells-Gate are comparing it to the libraries listed below
Sorting:
- various methods of making API calls☆19Feb 1, 2025Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Event Tracing for Windows EDR bypass in Rust (usermode)☆39Jun 9, 2024Updated last year
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆21Dec 15, 2024Updated last year
- Call Stack Spoofing for Rust☆212Jan 28, 2026Updated last month
- NSecSoftBYOVD POC☆58Feb 12, 2026Updated last month
- Sanctum is an experimental proof-of-concept EDR, designed to detect modern malware techniques, above and beyond the capabilities of antiv…☆527Feb 15, 2026Updated last month
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆17Aug 14, 2023Updated 2 years ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 8 months ago
- A Rust template for writing Beacon Object Files (BOFs)☆113Feb 11, 2026Updated last month
- rust 免杀,方法记录 - 偶尔更新☆92Apr 25, 2024Updated last year
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆94Nov 5, 2021Updated 4 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆234Mar 23, 2023Updated 2 years ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- TL-NodeJsShell 是一个为安全专业人员和渗透测试人员设计的综合性 WebShell 管理平台。它提供了一个现代化的 Web 界面,用于管理基于 Node.js 的 Shell,具有内存马注入、命令执行、文件管理和代理支持等高级功能。☆80Dec 12, 2025Updated 3 months ago
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.☆321Mar 13, 2026Updated last week
- Nameless C2 - A C2 with all its components written in Rust☆284Sep 26, 2024Updated last year
- Webshell agent in aspx and php☆27Dec 11, 2025Updated 3 months ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆66Mar 1, 2025Updated last year
- Simple Project that Extracts PE Information.☆22Apr 4, 2025Updated 11 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆174Nov 28, 2025Updated 3 months ago
- Implementation of Advanced Module Stomping and Heap/Stack Encryption☆10Jul 25, 2023Updated 2 years ago
- The most extensive collection of BOFs (Beacon Object Files) tailored for Red Teams using C++23☆23Jun 19, 2025Updated 9 months ago
- Dll hijack -- just one macro☆13Jul 3, 2023Updated 2 years ago
- A reflective DLL development template for the Rust programming language☆116Nov 4, 2025Updated 4 months ago
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- HVNC PoC (Hidden VNC) in Rust☆41Sep 2, 2025Updated 6 months ago
- A tool that supports finding and abusing whitelisted programs to allow arbitrary file writing into the executable folder of Antivirus sof…☆82Nov 1, 2025Updated 4 months ago
- Host CLR and run .NET binaries using Rust☆153Dec 23, 2025Updated 2 months ago
- rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.☆32Dec 15, 2024Updated last year
- windows-rs shellcode loaders☆393Jul 11, 2024Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆358Updated this week
- BloodyAv is Custom Shell Code loader to Bypass Av and Edr.☆14Mar 21, 2022Updated 4 years ago