Brother-x86 / malleable-rust-loaderLinks
Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various methods and perform multiple data operation to deobfuscate or decrypt payloads and new configuration.
☆11Updated last week
Alternatives and similar repositories for malleable-rust-loader
Users that are interested in malleable-rust-loader are comparing it to the libraries listed below
Sorting:
- early cascade injection PoC based on Outflanks blog post, in rust☆59Updated 7 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆44Updated last month
- shell code example☆49Updated last month
- converts sRDI compatible dlls to shellcode☆29Updated 5 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆82Updated 4 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆35Updated 3 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 10 months ago
- Shellcode Loader Utilizing ETW Events☆63Updated 4 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- Decrypting yandex browser passwords☆21Updated 2 months ago
- Linker for Beacon Object Files☆116Updated this week
- Rust template/library for implementing your own COFF loader☆50Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 5 months ago
- A Rust crate to parse user-mode minidump files generated on Windows☆14Updated 2 months ago
- TypeLib persistence technique☆117Updated 8 months ago
- ForsHops☆53Updated 3 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 11 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆64Updated last month
- Section-based payload obfuscation technique for x64☆61Updated 10 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆52Updated 2 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆65Updated 2 months ago
- Callstack spoofing using a VEH because VEH all the things.☆21Updated 3 months ago
- remote process injections using pool party techniques☆62Updated 4 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆39Updated 10 months ago
- Cortex EDR Ransomware protection Bypass☆24Updated 4 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆52Updated last month
- Windows C++ Implant for Exploration C2☆31Updated last month
- Threadless shellcode injection tool☆65Updated 10 months ago
- A collection of position independent coding resources☆79Updated 4 months ago