A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
☆38Mar 6, 2025Updated 11 months ago
Alternatives and similar repositories for RustyMirage
Users that are interested in RustyMirage are comparing it to the libraries listed below
Sorting:
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 11 months ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆65Mar 1, 2025Updated 11 months ago
- Reflective DLL self-loading as a library☆21May 3, 2025Updated 9 months ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆19Mar 6, 2025Updated 11 months ago
- A COFF Loader written in Rust☆136Dec 1, 2025Updated 3 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆161Oct 31, 2024Updated last year
- 64-bit, position-independent implant template for Windows in Rust.☆173Nov 28, 2025Updated 3 months ago
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated last month
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 8 months ago
- Dynamically invoke arbitrary code in Rust (Dinvoke)☆101Dec 1, 2025Updated 3 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- Crystal Palace RDLL loader for Adaptix C2 with Ekko sleep obfuscation, IAT hooking via PICO, and per-section permission restoration☆65Updated this week
- Collection of red team techniques.☆67Apr 25, 2025Updated 10 months ago
- Thats it! An Open-Source Windows UEFI Rootkit☆28Jul 19, 2025Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆232Feb 12, 2025Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆42Jan 9, 2025Updated last year
- A reflective DLL development template for the Rust programming language☆114Nov 4, 2025Updated 3 months ago
- Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity☆34Apr 26, 2024Updated last year
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- Terms of Use Conditional Access M365 Evilginx Phishlet☆44Jun 23, 2025Updated 8 months ago
- Using LNK files and user input simulation to start processes under explorer.exe☆34Sep 21, 2024Updated last year
- An i686 & x86_64 position independent implant template for Rust 🦀☆33Jul 6, 2025Updated 7 months ago
- Shellcode loader that executes embedded Lua from Rust.☆128Dec 16, 2024Updated last year
- Robust Cobalt Strike shellcode loader with multiple advanced evasion features☆200Apr 21, 2025Updated 10 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆233Mar 23, 2023Updated 2 years ago
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆400Sep 26, 2024Updated last year
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- find dll base addresses without PEB WALK☆160Jul 13, 2025Updated 7 months ago
- Evasive shellcode loader with indirect syscalls, Thread name-calling allocation, PoolParty injection☆10Feb 26, 2025Updated last year
- A New Exploitation Technique for Visual Studio Projects☆11Nov 5, 2023Updated 2 years ago
- 「⚔️」Ring 0 Rootkit for Linux Kernels x86/x86_64 5.x/6.x☆27Apr 10, 2025Updated 10 months ago
- Dynamically invoke arbitrary unmanaged code☆359Feb 19, 2026Updated last week