Simple ransomware written in Rust. Part of the "building a rustomware" blog post.
☆35 · Sep 26, 2023 · Updated 2 years ago
Alternatives and similar repositories for rustomware
Users that are interested in rustomware are comparing it to the libraries listed below
- Rust Weaponization for Red Team Engagements. ☆12 · Nov 14, 2022 · Updated 3 years ago
- Reduce Dynamic Analysis Detection Rates With Built-In Unhooker, Anti Analysis Techniques, And String Obfuscator Modules. ☆21 · Dec 21, 2022 · Updated 3 years ago
- Event Masker is a Splunk streaming command to mask event from search based on a list of rules that contain conditions. ☆16 · Oct 11, 2022 · Updated 3 years ago
- Talk slides and material ☆37 · Mar 24, 2024 · Updated last year
- A repository filled with ideas to break/detect direct syscall techniques ☆26 · Apr 21, 2022 · Updated 3 years ago
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system. ☆94 · Nov 5, 2021 · Updated 4 years ago
- This is a PoC using native windows API directx, to hide and decrypt shellcode via compute shader ☆10 · May 3, 2025 · Updated 10 months ago
- Sleep Obfuscation ☆45 · Oct 13, 2022 · Updated 3 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD ☆28 · Jan 4, 2024 · Updated 2 years ago
- ☆15 · Aug 17, 2023 · Updated 2 years ago
- Spawn SYSTEM shells like a PRO! ☆10 · Mar 8, 2023 · Updated 2 years ago
- Dont Call Me Back - Dynamic kernel callback resolver. Scan kernel callbacks in your system in a matter of seconds! ☆249 · Jul 9, 2024 · Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆140 · Sep 12, 2022 · Updated 3 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD) ☆82 · May 23, 2023 · Updated 2 years ago
- Writing Your Own Ticket to the Cloud Like APT: A Deep-dive to AD FS Attacks, Detections, and Mitigations ☆12 · Dec 9, 2022 · Updated 3 years ago
- ☆11 · Feb 12, 2023 · Updated 3 years ago
- SamrSearch can get user info and group info with MS-SAMR. ☆15 · Feb 15, 2022 · Updated 4 years ago
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle… ☆16 · Jan 7, 2023 · Updated 3 years ago
- A rust library that allows you to host the CLR and execute dotnet binaries. ☆236 · Mar 12, 2025 · Updated 11 months ago
- ☆86 · Nov 18, 2022 · Updated 3 years ago
- Listing UDP connections with remote address without sniffing. ☆31 · Sep 26, 2023 · Updated 2 years ago
- Dump the memory of any PPL with a Userland exploit chain ☆352 · Mar 17, 2023 · Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads. ☆129 · Apr 24, 2022 · Updated 3 years ago
- Halos Gate-based NTAPI Unhooker ☆52 · Apr 21, 2022 · Updated 3 years ago
- ☆32 · Aug 21, 2023 · Updated 2 years ago
- ☆35 · Aug 13, 2023 · Updated 2 years ago
- A simple Linux in-memory .so loader ☆33 · Mar 29, 2023 · Updated 2 years ago
- ☆14 · Jul 21, 2024 · Updated last year
- Hardware-accelerated Windows screen sharing in C++ ☆12 · Jun 30, 2022 · Updated 3 years ago
- Tool for Active Directory Certificate Services enumeration and abuse ☆16 · Mar 20, 2025 · Updated 11 months ago
- Classic Bofa adapted to CobaltStrike. ☆11 · Oct 4, 2022 · Updated 3 years ago
- Windows file system driver which allows to block access to files at run-time (C/C++, C#, WDK, SDK) ☆13 · Jan 1, 2023 · Updated 3 years ago
- A BOF for enumerating version information for DLLs associated for a Beacon process. ☆16 · Nov 23, 2021 · Updated 4 years ago
- A JXA script for enumerating running processes, printed out in a json, parent-child tree. ☆14 · Jan 28, 2022 · Updated 4 years ago
- VisualStudio port of https://github.com/guervild/BOFs/tree/dev/SilentLsassDump ☆24 · Jul 6, 2023 · Updated 2 years ago
- A simple BOF that disables some logging with NtSetInformationProcess ☆13 · Oct 13, 2023 · Updated 2 years ago
- Native Powers Talk demos ☆15 · Jan 30, 2026 · Updated last month
- Implementation of ITaskHandler in C++ ☆14 · Feb 11, 2023 · Updated 3 years ago
- Command line & PPID spoofing ☆29 · Apr 15, 2023 · Updated 2 years ago