Brother-x86 / malleable-rust-loader
Loads various payloads (DLL from memory, EXE, etc.) in a way that evades antivirus static analysis. It can fetch data via various methods and perform multiple data operations to deobfuscate or decrypt payloads and new configuration.
(★11, updated last month)
Alternatives and similar repositories for malleable-rust-loader
Users that are interested in malleable-rust-loader are comparing it to the libraries listed below
- converts sRDI compatible dlls to shellcode (★29, updated 4 months ago)
- 🛡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python (★45, updated last year)
- Indirect Syscall implementation to bypass userland NTAPIs hooking. (★73, updated 9 months ago)
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. (★78, updated 3 months ago)
- shell code example (★49, updated 3 weeks ago)
- Shellcode loader (★81, updated 6 months ago)
- Bypasses AMSI protection through remote memory patching and parsing technique. (★43, updated 3 weeks ago)
- TypeLib persistence technique (★115, updated 7 months ago)
- ForsHops (★53, updated 2 months ago)
- a demo module for the kaine agent to execute and inject assembly modules (★38, updated 9 months ago)
- Rust template/library for implementing your own COFF loader (★50, updated 4 months ago)
- Shellcode Loader Utilizing ETW Events (★63, updated 3 months ago)
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE. (★61, updated last year)
- find dll base addresses without PEB WALK (★91, updated last month)
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf… (★39, updated 3 weeks ago)
- Exploiting the KsecDD Windows driver through Server Silos (★71, updated 6 months ago)
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption. (★89, updated 11 months ago)
- Unhook Ntdll.dll, Go & C++. (★22, updated last month)
- (★31, updated 5 months ago)
- early cascade injection PoC based on Outflank's blog post, in rust (★58, updated 6 months ago)
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. (★35, updated 3 months ago)
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly (★60, updated last year)
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials (★48, updated 3 weeks ago)
- Construct the payload at runtime using an array of offsets (★63, updated 11 months ago)
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial … (★49, updated 4 months ago)
- (★62, updated 4 months ago)
- API Hammering with C++20 (★46, updated 2 years ago)
- (★155, updated 5 months ago)
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution (★42, updated 10 months ago)
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0. (★63, updated last month)