7h3w4lk3r / RexLdr
Rex Shellcode Loader for AV/EDR evasion
☆28Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for RexLdr
- ☆34Updated last year
- stack spoofing☆55Updated this week
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆55Updated 3 months ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- TypeLib persistence technique☆75Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- Create Anti-Copy DRM Malware☆46Updated 3 months ago
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆39Updated 11 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆22Updated 2 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆51Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆95Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 9 months ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- ☆62Updated 9 months ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 10 months ago
- Sliver agent rewritten in C++☆39Updated 2 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆63Updated last year
- This program detects if any security software (AV, EDR, XDR, firewall, etc.) is running on the system. The program searches the list of r…☆42Updated 5 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated last month
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆113Updated last year
- ☆38Updated last year
- Reasonably undetected shellcode stager and executer.☆35Updated 2 months ago
- Slides and POC demo for my talk at Divizion Zero on EDR evasion titled "Evasion Adventures"☆23Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆38Updated 11 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- Template-based generation of shellcode loaders☆67Updated 7 months ago
- Sleep Obfuscation☆41Updated 2 years ago
- EmbedExeLnk by x86matthew modified by d4rkiZ☆29Updated last year