Callstack spoofing using a VEH because VEH all the things.
☆23Mar 18, 2025Updated last year
Alternatives and similar repositories for vehspoof
Users that are interested in vehspoof are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- various methods of making API calls☆19Feb 1, 2025Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 7 months ago
- ☆49Dec 21, 2025Updated 3 months ago
- ☆65Dec 19, 2024Updated last year
- Next gen process injection technique☆54Jul 9, 2020Updated 5 years ago
- NordVPN Threat Protection Pro™ • AdTake your cybersecurity to the next level. Block phishing, malware, trackers, and ads. Lightweight app that works with all browsers.
- A collection of position independent coding resources☆109Nov 15, 2025Updated 4 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated last year
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆129Jan 28, 2026Updated last month
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 6 months ago
- A repository holding Proof of Concepts for executing the calculator application via different file formats☆42Jun 27, 2024Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques.☆426Feb 11, 2024Updated 2 years ago
- Parses cached certificate templates from a Windows Registry file and displays them in the same style as Certipy does☆95Jul 3, 2025Updated 8 months ago
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- Proof of concepts demonstrating some aspects of the Windows kernel shadow stack mitigation.☆55Jun 2, 2025Updated 9 months ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Transparently call NTAPI via Halo's Gate with indirect syscalls.☆15Apr 26, 2024Updated last year
- A cmake template for crystal palace☆40Dec 20, 2025Updated 3 months ago
- A service container for interacting with SRA's VECTR☆16Apr 9, 2025Updated 11 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- Its a coff loader ported to go☆20Oct 2, 2022Updated 3 years ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆125Dec 23, 2025Updated 3 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 6 months ago
- ☆209Mar 22, 2021Updated 5 years ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆140Jul 2, 2025Updated 8 months ago
- Call stack spoofing for Rust☆360Feb 7, 2025Updated last year
- Signature finder (from PE-bear)☆40Aug 25, 2025Updated 7 months ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 6 months ago
- SACL Scanner is a tool designed to scan and analyze SACLs.☆51Feb 13, 2025Updated last year
- ☆38Apr 15, 2025Updated 11 months ago
- A shellcode function to encrypt a running process image when sleeping.☆339Sep 11, 2021Updated 4 years ago
- Self-cleaning in-memory PICO loader for Crystal Palace. Automatically erases traces and operates entirely in memory for stealthy payload …☆51Nov 2, 2025Updated 4 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- Resources from my journey into Windows binary exploitation☆24Jan 14, 2019Updated 7 years ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆185Aug 2, 2023Updated 2 years ago
- Python module for running BOFs☆80Nov 28, 2025Updated 3 months ago
- From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…☆53Mar 16, 2026Updated last week
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 8 months ago
- A short scraper looking for a POC of CVE-2024-49112☆14Dec 16, 2024Updated last year