7h3w4lk3r / RexLdrLinks
Rex Shellcode Loader for AV/EDR evasion
☆33Updated last year
Alternatives and similar repositories for RexLdr
Users that are interested in RexLdr are comparing it to the libraries listed below
Sorting:
- Create Anti-Copy DRM Malware☆60Updated 11 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 9 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54Updated 2 months ago
- Template-based generation of shellcode loaders☆78Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆73Updated 4 months ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆121Updated 2 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated 11 months ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆100Updated 2 years ago
- Implementation of Indirect Syscall technique to pop a calc.exe☆105Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆76Updated 3 months ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆70Updated last year
- ☆50Updated 2 years ago
- ApexLdr is a DLL Payload Loader written in C☆111Updated last year
- ☆120Updated 4 months ago
- Identify and exploit leaked handles for local privilege escalation.☆109Updated 2 years ago
- Indirect NT syscalls LSASS dumper.☆46Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆83Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆50Updated 2 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆45Updated 2 weeks ago
- ☆90Updated last year
- Windows Kernel Offensive Toolset☆125Updated last month
- Do some DLL SideLoading magic☆85Updated last year
- Various methods of executing shellcode☆71Updated 2 years ago
- TypeLib persistence technique☆119Updated 9 months ago
- ☆36Updated 2 years ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆71Updated 3 years ago