7h3w4lk3r / RexLdr
Rex Shellcode Loader for AV/EDR evasion
☆31Updated 11 months ago
Alternatives and similar repositories for RexLdr:
Users that are interested in RexLdr are comparing it to the libraries listed below
- ☆36Updated 2 years ago
- Create Anti-Copy DRM Malware☆54Updated 7 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆83Updated 2 years ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆84Updated 5 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆90Updated 9 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆62Updated 3 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆79Updated 5 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆101Updated 2 years ago
- Sliver agent rewritten in C++☆44Updated 6 months ago
- I have documented all of the AMSI patches that I learned till now☆71Updated this week
- TypeLib persistence technique☆109Updated 5 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆93Updated last year
- Do some DLL SideLoading magic☆80Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆118Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆68Updated last year
- ☆39Updated 2 years ago
- Template-based generation of shellcode loaders☆77Updated 11 months ago
- ☆95Updated 7 months ago
- Red Team Operation's Defense Evasion Technique.☆52Updated 9 months ago
- Reasonably undetected shellcode stager and executer.☆36Updated 6 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 7 months ago
- Winsocket for Cobalt Strike.☆98Updated last year
- ApexLdr is a DLL Payload Loader written in C☆108Updated 8 months ago
- Threadless shellcode injection tool☆62Updated 7 months ago
- A modification to fortra's CVE-2023-28252 exploit, compiled to exe☆53Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆82Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 6 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆62Updated last year