CICADA8-Research / TypeLibWalkerLinks
TypeLib persistence technique
☆127Updated 10 months ago
Alternatives and similar repositories for TypeLibWalker
Users that are interested in TypeLibWalker are comparing it to the libraries listed below
Sorting:
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆128Updated 7 months ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆196Updated last month
- ☆124Updated 11 months ago
- Shellcode loader☆92Updated 9 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆148Updated last month
- ☆122Updated 2 years ago
- ☆76Updated 7 months ago
- ForsHops☆56Updated 5 months ago
- BOF with Synthetic Stackframe☆164Updated 6 months ago
- Linker for Beacon Object Files☆126Updated last month
- find dll base addresses without PEB WALK☆141Updated last month
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆149Updated last week
- Bypass LSA protection using the BYODLL technique☆168Updated 11 months ago
- ☆119Updated 7 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- ☆124Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆65Updated last year
- An App Domain Manager Injection DLL PoC on steroids☆173Updated last year
- ☆100Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆121Updated 2 years ago
- Threadless shellcode injection tool☆66Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆102Updated 4 months ago
- ☆61Updated last year
- ☆137Updated 2 years ago
- ☆152Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆128Updated 4 months ago
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago