7h3w4lk3r / RexLdr
Rex Shellcode Loader for AV/EDR evasion
☆27Updated 7 months ago
Related projects ⓘ
Alternatives and complementary repositories for RexLdr
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆94Updated last year
- Red Team Operation's Defense Evasion Technique.☆51Updated 5 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆73Updated last month
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆36Updated 10 months ago
- ☆61Updated 9 months ago
- This program detects if any security software (AV, EDR, XDR, firewall, etc.) is running on the system. The program searches the list of r…☆42Updated 4 months ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- ☆34Updated last year
- Create Anti-Copy DRM Malware☆42Updated 2 months ago
- TypeLib persistence technique☆69Updated 2 weeks ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆39Updated 9 months ago
- NativePayload_PE1/PE2 , Injecting Meterpreter Payload bytes into local Process via Delegation Technique + in-memory with delay Changing R…☆57Updated last year
- ☆38Updated last year
- Various methods of executing shellcode☆68Updated last year
- Winsocket for Cobalt Strike.☆98Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 8 months ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- Implementation of Indirect Syscall technique to pop a calc.exe☆92Updated 9 months ago
- ApexLdr is a DLL Payload Loader written in C☆104Updated 3 months ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆51Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆113Updated last year
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆21Updated last month
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- Alternative Shellcode Execution Via Callbacks in C# with P/Invoke☆72Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆84Updated 7 months ago
- Identify and exploit leaked handles for local privilege escalation.☆105Updated last year