JayGLXR / RustyMirageLinks
A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
☆35Updated 3 months ago
Alternatives and similar repositories for RustyMirage
Users that are interested in RustyMirage are comparing it to the libraries listed below
Sorting:
- converts sRDI compatible dlls to shellcode☆29Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆81Updated 3 months ago
- Shellcode Loader Utilizing ETW Events☆63Updated 3 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆59Updated 7 months ago
- Rust template/library for implementing your own COFF loader☆50Updated 4 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆56Updated 3 months ago
- Linker for Beacon Object Files☆115Updated this week
- A process injection technique using only thread context manipulation☆38Updated last year
- remote process injections using pool party techniques☆62Updated 4 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- Section-based payload obfuscation technique for x64☆60Updated 10 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆71Updated last month
- ☆99Updated last year
- An ICMP channel for Beacons, implemented using Cobalt Strike’s External C2 framework.☆52Updated last week
- Threadless shellcode injection tool☆65Updated 10 months ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆28Updated 3 months ago
- ☆23Updated 4 months ago
- ☆49Updated 3 weeks ago
- ☆62Updated 5 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆51Updated 5 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆47Updated last month
- ☆32Updated 6 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆38Updated 9 months ago
- ☆86Updated 10 months ago
- ☆44Updated last month
- ForsHops☆53Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆52Updated 2 months ago
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆90Updated this week
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year