From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any changes to the source code.
☆53Mar 16, 2026Updated last week
Alternatives and similar repositories for PIClin
Users that are interested in PIClin are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- A bunch of shenanigans using functions, VEH and more☆38Jun 8, 2025Updated 9 months ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆66Mar 1, 2025Updated last year
- A proof-of-concept shellcode loader that leverages AI/ML face recognition models to verify the identity of a user on a target system☆43Oct 30, 2024Updated last year
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆32Sep 24, 2025Updated 6 months ago
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆124Jan 17, 2026Updated 2 months ago
- Windows WLAN AutoConfig Service Elevation of Privilege Vulnerability☆24Feb 5, 2025Updated last year
- various methods of making API calls☆19Feb 1, 2025Updated last year
- Random BOFs for LDAP tradecraft☆74Sep 9, 2025Updated 6 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆117Jan 20, 2025Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 7 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated last year
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 8 months ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 4 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆73Nov 11, 2025Updated 4 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆112Mar 25, 2024Updated last year
- An example reference design for a proposed BOF PE☆204Jan 23, 2026Updated 2 months ago
- COM-based DLL Surrogate Injection☆147Dec 9, 2025Updated 3 months ago
- This is a VxLAN PoC code for Talks: From Spoofing to Tunneling: New Red Team's Networking Techniques for Initial Access and Evasion☆28Jul 21, 2025Updated 8 months ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆172May 17, 2023Updated 2 years ago
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- A small How-To on creating your own weaponized WSL file☆124Jul 23, 2025Updated 8 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated last year
- A reflective DLL development template for the Rust programming language☆116Nov 4, 2025Updated 4 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated last year
- 64-bit, position-independent implant template for Windows in Rust.☆174Nov 28, 2025Updated 3 months ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆199May 29, 2025Updated 9 months ago
- From C to binary shellcode converter.☆56Nov 11, 2025Updated 4 months ago
- ☆108Aug 21, 2024Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆105Feb 25, 2025Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- Executes Read/Write process memory with `NtQueryCompositionSurfaceStatistics`☆23Feb 10, 2024Updated 2 years ago
- ☆128Dec 12, 2025Updated 3 months ago
- Process Injection using Thread Name☆307Apr 18, 2025Updated 11 months ago
- BOF with Synthetic Stackframe☆235Oct 30, 2025Updated 4 months ago
- Community Eventing and Scripting examples☆19Aug 11, 2025Updated 7 months ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆164Oct 31, 2024Updated last year