BishopFox / asminject
Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86-64, x86, and ARM32 Linux processes without the use of ptrace by accessing /proc/<pid>/mem. Useful for certain post-exploitation scenarios, recovering content from process memory, etc..
☆125Updated 2 years ago
Alternatives and similar repositories for asminject:
Users that are interested in asminject are comparing it to the libraries listed below
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries…☆183Updated last year
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆89Updated last month
- Linux Kernel module-less implant (backdoor)☆72Updated 4 years ago
- A stealthy ELF loader - no files, no execve, no RWX☆160Updated last year
- Get root via TTY / TIOCSTI stuffing☆70Updated 8 months ago
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆145Updated 2 years ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆114Updated 10 months ago
- Ghidra scripts for recovering string definitions in Go binaries☆110Updated 4 months ago
- ☆46Updated 2 years ago
- Slides & Hands-on for the reverse engineering workshop☆178Updated 2 years ago
- ☆77Updated 10 months ago
- Userland exec PoC to be used as attack vector technique☆81Updated last month
- LD_PRELOAD rootkit☆129Updated last year
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆64Updated 11 months ago
- GLUFS allows you to automate the tedious process of finding leaks using format string vulnerabilities.☆25Updated 2 years ago
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆229Updated last year
- Mara is a userland pty/tty sniffer☆53Updated last year
- CVE-2023-4911 proof of concept☆167Updated last year
- dlopen() filelessly a shared object or even a program (and run it).☆54Updated last year
- stealth userland kit that doesn't use sys_clone/sys_execve call☆30Updated last year
- Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock …☆185Updated 5 months ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆357Updated 2 years ago
- ☆204Updated 4 months ago
- An automatic Blind ROP exploitation tool☆199Updated last year
- CVE-2018-6066 using VBA☆65Updated 2 years ago
- Linux process injection PoCs☆28Updated 10 months ago
- ☆122Updated last year
- ☆86Updated last month
- ☆88Updated 2 months ago
- Poseidon is a Golang agent targeting Linux and macOS☆138Updated this week