JayGLXR / NomadLoader
An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables executable content to be executed from any memory location without requiring traditional loading or relocation.
☆26Updated 2 months ago
Alternatives and similar repositories for NomadLoader:
Users that are interested in NomadLoader are comparing it to the libraries listed below
- Rust template/library for implementing your own COFF loader☆50Updated 3 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆53Updated last month
- Proxy function calls through the thread pool with ease☆25Updated 2 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 3 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- converts sRDI compatible dlls to shellcode☆29Updated 3 months ago
- use python on windows with full submodule support without installation☆27Updated 3 months ago
- ☆29Updated 4 months ago
- remote process injections using pool party techniques☆59Updated 2 months ago
- Cobalt Strike UDRL for memory scanner evasion.☆51Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆47Updated 3 weeks ago
- ForsHops☆44Updated last month
- Post-Ex BOF tooling for Hannibal☆21Updated 5 months ago
- BOF for C2 framework☆41Updated 6 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆61Updated this week
- early cascade injection PoC based on Outflanks blog post, in rust☆58Updated 6 months ago
- ☆99Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆33Updated 2 months ago
- ☆58Updated 3 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆14Updated 2 months ago
- BOF to decrypt Signal Desktop chat logs☆65Updated 2 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆26Updated 3 months ago
- ☆48Updated last year
- A process injection technique using only thread context manipulation☆29Updated last year
- ☆32Updated 8 months ago
- Execute dotnet app from unmanaged process☆74Updated 4 months ago
- Rewrite to fit my needs☆27Updated 9 months ago
- ☆52Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆76Updated 2 months ago