Helixo32 / NimReflectiveLoaderLinks
NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.
☆30Updated last year
Alternatives and similar repositories for NimReflectiveLoader
Users that are interested in NimReflectiveLoader are comparing it to the libraries listed below
Sorting:
- malware written for educational purposes☆66Updated 9 months ago
- Indirect syscalls + DInvoke made simple.☆94Updated 8 months ago
- PoC XLL builder in Python/Nim☆47Updated 2 years ago
- Sleep obfuscation for shellcode implants and their reflective shit☆52Updated last year
- Sniffing files generator☆59Updated 6 months ago
- in-process powershell runner for BRC4☆47Updated last year
- Tool to obtain hash using MS-SNTP for user accounts☆25Updated 7 months ago
- Example code samples from our ScriptBlock Smuggling Blog post☆91Updated last year
- a variety of tools,scripts and techniques developed and shared with different programming languages by 0xsp Lab☆65Updated 8 months ago
- Automated .NET AppDomain hijack payload generation☆127Updated 6 months ago
- Impersonate Tokens using only NTAPI functions☆79Updated 4 months ago
- Permanently disable EDRs as local admin☆94Updated last month
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 5 months ago
- ☆57Updated 6 months ago
- ☆110Updated 6 months ago
- ☆47Updated 2 years ago
- Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.☆83Updated last month
- ☆36Updated last year
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆98Updated last year
- SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Dire…☆33Updated last year
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- ☆34Updated 5 months ago
- Launches a limited shell using PowerShell Runspaces with an optional AMSI Bypass. Does not invoke Powershell.exe☆13Updated last year
- ☆48Updated 2 years ago
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- Demo code JavaScript POC that tricks user into sending Windows hash to responder☆34Updated 2 months ago
- Proxy function calls through the thread pool with ease☆29Updated 6 months ago
- ☆57Updated 10 months ago
- Duplicate not owned Token from Running Process☆72Updated 2 years ago