EvilBytecode / ExitPatcherLinks
Prevent in-process process termination by patching exit APIs
☆62Updated 2 months ago
Alternatives and similar repositories for ExitPatcher
Users that are interested in ExitPatcher are comparing it to the libraries listed below
Sorting:
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆136Updated 5 months ago
- PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin☆109Updated 3 weeks ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆103Updated 2 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆140Updated last month
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆62Updated 8 months ago
- A fucking real shellcode loader with a GUI. Work-in-Progress.☆81Updated 7 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆83Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61Updated 8 months ago
- ☆55Updated 8 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54Updated 8 months ago
- sideloading PoC using onedrive.exe & version.dll☆90Updated 3 months ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆40Updated 2 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆60Updated 3 weeks ago
- converts sRDI compatible dlls to shellcode☆35Updated last year
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆60Updated 9 months ago
- Shellcode Loader Utilizing ETW Events☆67Updated 11 months ago
- A portable C# utility for enumerating local and remote windows sessions☆55Updated last month
- NailaoLoader: Hiding Execution Flow via Patching☆22Updated 11 months ago
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Updated 5 months ago
- Fairy Law - Compromise or disable EDR security solutions☆65Updated 2 months ago
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux☆61Updated last month
- Manage Shadows Copies via the VSS API using C#, C++, Crystal or Python. Working on Windows 11☆75Updated this week
- Modern PIC implant for Windows (64 & 32 bit)☆105Updated 6 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆41Updated last year
- Less sugar (entropy) for your binaries☆34Updated 4 months ago
- EDRStartupHinder: A red team tool to prevent Antivirus and EDR from running.☆172Updated 3 weeks ago
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆73Updated 2 months ago
- Shellcode loader☆100Updated last year