0xflux / Rust-Hells-GateLinks
Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust
☆70Updated last year
Alternatives and similar repositories for Rust-Hells-Gate
Users that are interested in Rust-Hells-Gate are comparing it to the libraries listed below
Sorting:
- A runas implementation with extra features in Rust☆48Updated last week
- 64-bit, position-independent implant template for Windows in Rust.☆145Updated 6 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆155Updated 11 months ago
- Rust For Windows Cheatsheet☆121Updated 11 months ago
- DLL proxying for lazy people☆189Updated 2 months ago
- A pointer encryption library intended for Red Team implant design in Rust.☆59Updated 3 weeks ago
- Call Stack Spoofing for Rust☆192Updated last week
- Some Rust program I wrote while learning Malware Development☆149Updated 8 months ago
- Activation Context Hijack☆170Updated 2 months ago
- Shellcode loader that executes embedded Lua from Rust.☆126Updated 10 months ago
- Memory Obfuscation in Rust☆257Updated this week
- A reflective DLL development template for the Rust programming language☆108Updated 5 months ago
- A COFF Loader written in Rust☆128Updated last week
- Early Bird APC Injection in Rust☆62Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆102Updated 8 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆80Updated 6 months ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- Dynamically invoke arbitrary code in Rust (Dinvoke)☆91Updated last week
- Create Anti-Copy DRM Malware☆67Updated last year
- Payload encoding utility to effectively lower payload entropy.☆119Updated 6 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆227Updated 8 months ago
- Host CLR and run .NET binaries using Rust☆132Updated last week
- Using fibers to run in-memory code.☆220Updated 2 years ago
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆37Updated 7 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Updated 2 years ago
- ☆198Updated last year
- Windows Persistence IT-Security☆106Updated 7 months ago
- Malware?☆74Updated last year
- Code execution/injection technique using DLL PEB module structure manipulation☆208Updated 4 months ago