BlackSnufkin / NovaLdr
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
☆225 Updated 4 months ago
Related projects
Alternatives and complementary repositories for NovaLdr
- Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored … ☆101 Updated 3 weeks ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… ☆158 Updated 3 weeks ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It … ☆268 Updated last month
- REC2 (Rusty External Command and Control) is client and server tool allowing auditor to execute command from VirusTotal and Mastodon APIs… ☆129 Updated 8 months ago
- Lateral Movement Using DCOM and DLL Hijacking ☆281 Updated last year
- Shellcode loader designed for evasion. Coded in Rust. ☆107 Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass ☆278 Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. ☆171 Updated 10 months ago
- A beacon object file implementation of PoolParty Process Injection Technique. ☆324 Updated 11 months ago
- This repository implements Threadless Injection in C ☆154 Updated 10 months ago
- Early Bird APC Injection in Rust ☆50 Updated last month
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution ☆146 Updated 3 weeks ago
- BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions ☆270 Updated this week
- DLL proxying for lazy people ☆136 Updated 2 weeks ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project. ☆170 Updated 8 months ago
- Some POCs for my BYOVD research and find some vulnerable drivers ☆126 Updated 2 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆209 Updated 2 months ago
- ☆126 Updated 3 months ago
- Using fibers to run in-memory code. ☆194 Updated last year
- Shaco is a linux agent for havoc ☆144 Updated last year
- AV bypass while you sip your Chai! ☆208 Updated 6 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f… ☆148 Updated 5 months ago
- A set of programs for analyzing common vulnerabilities in COM ☆154 Updated 2 months ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST ☆168 Updated 2 months ago
- ☆245 Updated 10 months ago
- ROP-based sleep obfuscation to evade memory scanners ☆323 Updated 8 months ago
- C2 infrastructure that allows Red Teamers to execute system commands on compromised hosts through Microsoft Teams. ☆156 Updated last week
- ☆142 Updated last week