Process Hollowing in Rust with Process Executable Relocation Support for both 32 and 64 bit architecture environments.
☆22Jan 6, 2025Updated last year
Alternatives and similar repositories for Rust-ProcHollow
Users that are interested in Rust-ProcHollow are comparing it to the libraries listed below
Sorting:
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Your Skyfall Infrastructure Pack☆89Jan 25, 2026Updated last month
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 7 months ago
- Port of Mandiant ShellcodeHashes plugin from IDA to BinaryNinja☆11Jul 24, 2024Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- Repository to gather the BOF files I will be developing☆11Oct 1, 2024Updated last year
- User-Defined C2 BOF Template☆28Nov 24, 2025Updated 3 months ago
- Just a nice little shellcode loader using unconventional methods to avoid using signatured APIs☆23Jul 11, 2025Updated 7 months ago
- Good CLR Host with Native patchless AMSI Bypass☆103Apr 18, 2025Updated 10 months ago
- A tool to assist DLL hijacking via the Havoc GUI☆12Jan 9, 2024Updated 2 years ago
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- A logging ASKPASS binary☆29May 29, 2020Updated 5 years ago
- Test AMSI Provider implementation in C#☆42Dec 18, 2024Updated last year
- ☆38Feb 26, 2025Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Tool developed using csharp (.net 4.5) for compressing and encrypting files to shorten transfer times. Supports multi-file compression an…☆14Feb 15, 2024Updated 2 years ago
- simple shellcode injector for Windows / Process Hollowing☆15Jun 26, 2024Updated last year
- Nice try reading NTDLL from disk, nerd.☆19Apr 18, 2022Updated 3 years ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Parse SDDL strings☆37Apr 1, 2024Updated last year
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- A simple BOF (Beacon Object File) to search files in the system☆15Dec 2, 2023Updated 2 years ago
- ☆17May 7, 2025Updated 9 months ago
- ☆22Jan 15, 2025Updated last year
- various methods of making API calls☆19Feb 1, 2025Updated last year
- ☆75Feb 4, 2024Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- CobaltStrike Aggressor Script to utilise FuzzySec's Windows Notification Framework Research to Spawn a Shell under Explorer.exe☆16Jul 6, 2019Updated 6 years ago
- can convert EXE/DLL into position-independent shellcode☆40Feb 1, 2026Updated last month
- BypassCredGuard CS BOF☆51Jan 23, 2025Updated last year
- A C# tool for extracting information from SCCM PXE boot media.☆51Jan 14, 2026Updated last month
- My experience using Windows API for offensive purposes☆17Jul 10, 2021Updated 4 years ago
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- Bypassing Amsi using LdrLoadDll☆47Jan 8, 2025Updated last year
- Template-based generation of shellcode loaders☆80Apr 20, 2024Updated last year
- Are you forwarding DNS traffic to another server for some reason, but want to make sure only queries for certain names are passed? Say no…☆20Oct 16, 2022Updated 3 years ago
- ☆18Jan 14, 2026Updated last month