BishopFox / asminjectLinks
Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace by accessing /proc/<pid>/mem. Useful for certain post-exploitation scenarios, recovering content from process memory, etc..
☆132Updated 2 years ago
Alternatives and similar repositories for asminject
Users that are interested in asminject are comparing it to the libraries listed below
Sorting:
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆189Updated last year
- Ghidra scripts for recovering string definitions in Go binaries☆114Updated 7 months ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆115Updated 3 weeks ago
- Userland exec PoC to be used as attack vector technique☆85Updated 4 months ago
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆66Updated last year
- stealth userland kit that doesn't use sys_clone/sys_execve call☆30Updated 2 months ago
- A stealthy ELF loader - no files, no execve, no RWX☆167Updated last year
- LD_PRELOAD rootkit☆132Updated last year
- ☆80Updated last year
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆147Updated 2 years ago
- Linux Kernel module-less implant (backdoor)☆73Updated 4 years ago
- ☆47Updated 2 years ago
- Get root via TTY / TIOCSTI stuffing☆76Updated last month
- eBPF hacks☆187Updated 6 months ago
- ☆89Updated 4 months ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆116Updated last year
- An automatic Blind ROP exploitation tool☆204Updated 2 years ago
- Linux process injection PoCs☆31Updated last year
- ☆96Updated 3 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆119Updated 2 years ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆112Updated 9 months ago
- Code snippets for bare-metal malware development☆98Updated 3 years ago
- ☆74Updated 6 months ago
- Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation☆127Updated last year
- SSHD Based implant supporting tunneling mecanisms to reach the C2 (DNS, ICMP, HTTP Encapsulation, HTTP/Socks Proxies, UDP...)☆267Updated 3 months ago
- Mara is a userland pty/tty sniffer☆53Updated last year
- Command line fuzzer and bruteforcer 🌪 wfuzz for command☆86Updated 2 years ago
- RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows☆7Updated 3 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆231Updated last year
- ☆148Updated last year