Faran-17 / HellshazzardLinks
Indirect Syscall implementation to bypass userland NTAPIs hooking.
☆76Updated 11 months ago
Alternatives and similar repositories for Hellshazzard
Users that are interested in Hellshazzard are comparing it to the libraries listed below
Sorting:
- Shellcode Loader Utilizing ETW Events☆64Updated 5 months ago
- Section-based payload obfuscation technique for x64☆64Updated 11 months ago
- Construct the payload at runtime using an array of offsets☆63Updated last year
- A collection of position independent coding resources☆89Updated 5 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆63Updated last year
- Shellcode loader☆91Updated 8 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆100Updated 3 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- ☆87Updated 11 months ago
- ☆71Updated 6 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆128Updated 6 months ago
- shell code example☆61Updated 2 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 9 months ago
- ForsHops☆55Updated 4 months ago
- Impersonate Tokens using only NTAPI functions☆79Updated 4 months ago
- ☆61Updated last year
- Code execution/injection technique using DLL PEB module structure manipulation☆152Updated 2 months ago
- Threadless shellcode injection tool☆66Updated last year
- Find DLLs with RWX section☆81Updated 2 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆135Updated last week
- Splitting and executing shellcode across multiple pages☆102Updated 2 years ago
- A process injection technique using only thread context manipulation☆37Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- ☆35Updated 7 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆60Updated last week
- TypeLib persistence technique☆119Updated 9 months ago
- ☆124Updated 11 months ago
- Rewrite to fit my needs☆30Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆54Updated 2 months ago