BishopFox / asminjectLinks
Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace by accessing /proc/<pid>/mem. Useful for certain post-exploitation scenarios, recovering content from process memory, etc..
☆143Updated 3 years ago
Alternatives and similar repositories for asminject
Users that are interested in asminject are comparing it to the libraries listed below
Sorting:
- Ghidra scripts for recovering string definitions in Go binaries☆127Updated 2 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆138Updated 8 months ago
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆199Updated 2 years ago
- Linux Kernel module-less implant (backdoor)☆73Updated 4 years ago
- ☆83Updated last year
- Userland exec PoC to be used as attack vector technique☆94Updated 3 months ago
- LD_PRELOAD rootkit☆137Updated last year
- eBPF hacks☆195Updated last year
- This repository contains the public work I produced, wheter it is research, post, slides, sometimes videos, and materials of my talks.☆52Updated 6 months ago
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆146Updated 3 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆123Updated 3 years ago
- Code snippets for bare-metal malware development☆98Updated 3 years ago
- Advanced exploits that I wrote for Pwn2Own competitions and other occasions☆169Updated last year
- ☆207Updated last year
- Mara is a userland pty/tty sniffer☆53Updated 2 years ago
- ☆50Updated 3 years ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated 2 years ago
- ROPDump is a command-line tool designed to analyze binary executables for potential Return-Oriented Programming (ROP) gadgets, buffer ove…☆87Updated last year
- stealth userland kit that doesn't use sys_clone/sys_execve call☆34Updated 9 months ago
- SpiralBL0CK / Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20eRemote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of …☆48Updated last year
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆121Updated last year
- An automatic Blind ROP exploitation tool☆207Updated 2 years ago
- GERMY is a Linux Kernel n-day in the N_GSM line discipline☆49Updated last year
- Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock …☆209Updated 2 months ago
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆71Updated last year
- A stealthy ELF loader - no files, no execve, no RWX☆174Updated 2 years ago
- Slides & Hands-on for the reverse engineering workshop☆184Updated 3 years ago
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆72Updated 3 years ago
- Mega repo for exploit development. Contains individual exploits and libraries to assist during exploitation☆46Updated 3 years ago
- Linux process injection PoCs☆29Updated last year