BishopFox / asminject
Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace by accessing /proc/<pid>/mem. Useful for certain post-exploitation scenarios, recovering content from process memory, etc.
☆117 · Updated 2 years ago
Related projects
Alternatives and complementary repositories for asminject
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries… ☆180 · Updated 10 months ago
- Ghidra scripts for recovering string definitions in Go binaries ☆103 · Updated last week
- eBPF hacks ☆173 · Updated 2 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection ☆77 · Updated 3 weeks ago
- ☆45 · Updated 2 years ago
- stealth userland kit that doesn't use sys_clone/sys_execve call ☆28 · Updated 10 months ago
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed. ☆141 · Updated last year
- An automatic Blind ROP exploitation tool ☆190 · Updated last year
- A stealthy ELF loader - no files, no execve, no RWX ☆156 · Updated 10 months ago
- Mara is a userland pty/tty sniffer ☆52 · Updated 10 months ago
- Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock … ☆174 · Updated last month
- GLUFS allows you to automate the tedious process of finding leaks using format string vulnerabilities. ☆25 · Updated 2 years ago
- Linux Kernel module-less implant (backdoor) ☆66 · Updated 3 years ago
- Execute ELF files without dropping them on disk ☆482 · Updated 4 months ago
- Venom is a library that is meant to perform evasive communication using stolen browser socket ☆373 · Updated last year
- The source code files that accompany the short book "Building C2 Implants in C++: A Primer" by Steven Patterson (@shogun_lab). ☆222 · Updated 4 months ago
- ☆201 · Updated 3 weeks ago
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension. ☆61 · Updated 7 months ago
- SSHD Based implant supporting tunneling mechanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...) ☆239 · Updated 9 months ago
- Tools for analyzing EDR agents ☆208 · Updated 5 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner. ☆194 · Updated last year
- Linux process injection PoCs ☆27 · Updated 6 months ago
- nysm is a stealth post-exploitation container. ☆237 · Updated 11 months ago
- A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files … ☆125 · Updated 4 months ago
- Native Syscalls Shellcode Injector ☆262 · Updated last year
- Scripts to run within Ghidra, maintained by the Trellix ARC team ☆89 · Updated 2 months ago
- bdvl ☆109 · Updated 2 years ago
- Command line fuzzer and bruteforcer 🌪 wfuzz for command ☆86 · Updated 2 years ago
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams. ☆470 · Updated 3 weeks ago
- ELFEN: Automated Linux Malware Analysis Sandbox ☆117 · Updated 4 months ago