Extracts TEXT section of a PE, ELF, or Mach-O executable to shellcode
☆105May 5, 2023Updated 2 years ago
Alternatives and similar repositories for exec2shell
Users that are interested in exec2shell are comparing it to the libraries listed below
Sorting:
- Small utility package for manipulating Windows process tokens☆26Apr 26, 2022Updated 3 years ago
- easy dll proxying in go☆14Apr 24, 2022Updated 3 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- Encrypt embedded go files using age.☆49Oct 21, 2021Updated 4 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- Load and execute a common object file format (COFF) in the current process☆32Mar 9, 2024Updated last year
- ☆129Jun 28, 2023Updated 2 years ago
- A work in progress BOF/COFF loader in Rust☆50Mar 22, 2023Updated 2 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- ☆101Oct 7, 2023Updated 2 years ago
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆714Mar 4, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- indirect syscalls for AV/EDR evasion in Go assembly☆371Jun 13, 2023Updated 2 years ago
- Really stupid re-implementation of invoke-wmiexec☆217Feb 25, 2023Updated 3 years ago
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago
- 这是一个shellcode简单的示例demo,�使目标exe程序转换为shellcode可执行程序的一个demo【并不打算后期维护】,两年前写的,我发现被工作磨平了对技术的探索,今天翻到发现的。☆11Sep 23, 2023Updated 2 years ago
- A rust library that allows you to host the CLR and execute dotnet binaries.☆236Mar 12, 2025Updated 11 months ago
- Shikata ga nai (仕方がない) encoder ported into go with several improvements☆31Jan 28, 2026Updated last month
- bof-launcher - a library for loading, executing and in-memory masking BOFs on Windows (x64, x86) and Linux (x64, x86, aarch64, arm). Read…☆298Updated this week
- desktop screenshot☆29Apr 26, 2023Updated 2 years ago
- ☆83Nov 1, 2023Updated 2 years ago
- Generate droppers with encrypted payloads automatically.☆54Nov 16, 2021Updated 4 years ago
- Shellcode reflective DLL injection in Rust☆27Dec 26, 2025Updated 2 months ago
- Loads a program into a memfd and runs it.☆11May 22, 2022Updated 3 years ago
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- CLI tool written in Go to generate Canary Tokens from https://canarytokens.org☆13Aug 22, 2025Updated 6 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆275Apr 17, 2023Updated 2 years ago
- ☆88Jun 17, 2023Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆129Sep 27, 2023Updated 2 years ago
- Golang reverse proxy with CobaltStrike malleable profile validation.☆109Jan 19, 2023Updated 3 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆226Sep 13, 2022Updated 3 years ago
- A Custom CLR Assembly for MSSQL of the popular tool GodPotato☆81Jun 19, 2023Updated 2 years ago
- C# Reflective loader for unmanaged binaries.☆446Jan 25, 2023Updated 3 years ago
- Reflective DLL loading of your favorite Golang program☆173Jan 27, 2020Updated 6 years ago