A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure data exfiltration and EDR suppression features.
☆19 · Mar 6, 2025 · Updated last year
Alternatives and similar repositories for RustySpy
Users that are interested in RustySpy are comparing it to the libraries listed below
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut… ☆66 · Mar 1, 2025 · Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆38 · Mar 6, 2025 · Updated last year
- Reflective DLL self-loading as a library ☆21 · May 3, 2025 · Updated 10 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit… ☆59 · Mar 17, 2025 · Updated last year
- A New Exploitation Technique for Visual Studio Projects ☆11 · Nov 5, 2023 · Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆45 · Feb 6, 2026 · Updated last month
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆43 · Apr 6, 2025 · Updated 11 months ago
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader ☆45 · Sep 25, 2024 · Updated last year
- Rehashing APIs to prevent hash based detection ☆14 · Jan 7, 2025 · Updated last year
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible ☆271 · Jun 18, 2025 · Updated 9 months ago
- Proof-of-concept implementation of AI-enabled postex DLLs ☆54 · Sep 10, 2025 · Updated 6 months ago
- A nim implementation of sRDI ☆20 · Oct 18, 2023 · Updated 2 years ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator. ☆126 · Dec 6, 2024 · Updated last year
- A set of BOF tools for use in Cobalt Strike: a collection of BOFs gathered, organized and verified to work well. ☆17 · Sep 30, 2021 · Updated 4 years ago
- Periodically check hashcat cracking progress and notify of success. ☆10 · Dec 18, 2018 · Updated 7 years ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… ☆234 · Feb 12, 2025 · Updated last year
- ☆61 · Aug 30, 2021 · Updated 4 years ago
- A process injection technique using only thread context manipulation ☆41 · Dec 18, 2023 · Updated 2 years ago
- ☆22 · Jun 21, 2022 · Updated 3 years ago
- Payload Obfuscation for Red Teams workshop materials ☆81 · Nov 25, 2025 · Updated 3 months ago
- 64-bit, position-independent implant template for Windows in Rust. ☆174 · Nov 28, 2025 · Updated 3 months ago
- Zero dependency browser extension for handling import of cookies, Microsoft 365 OAuth tokens, and Graph API interactions. ☆23 · Feb 26, 2026 · Updated 3 weeks ago
- Proxy function calls through the thread pool with ease ☆31 · Feb 27, 2025 · Updated last year
- Call Stack Spoofing for Rust ☆212 · Jan 28, 2026 · Updated last month
- Rust port of kdmapper ☆22 · Aug 24, 2021 · Updated 4 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD ☆28 · Jan 4, 2024 · Updated 2 years ago
- Shellcode loader that executes embedded Lua from Rust. ☆127 · Dec 16, 2024 · Updated last year
- Self delete DLL (2) ☆14 · Feb 15, 2024 · Updated 2 years ago
- This is the Git repository for the Modern Red Teaming workshop given at SINCON2024. ☆13 · May 23, 2024 · Updated last year
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration ☆29 · Oct 29, 2021 · Updated 4 years ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust. ☆87 · Apr 26, 2025 · Updated 10 months ago
- Dynamically invoke arbitrary code in Rust ☆102 · Updated this week
- [EMNLP 2024] Holistic Automated Red Teaming for Large Language Models through Top-Down Test Case Generation and Multi-turn Interaction ☆17 · Nov 9, 2024 · Updated last year
- improved shellcode template for b1tg/rust-windows-shellcode ☆29 · May 12, 2021 · Updated 4 years ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH. ☆164 · Oct 31, 2024 · Updated last year
- Shellcode implementation of Reflective DLL Injection by Golang. Convert DLLs to position independent shellcode ☆63 · Mar 30, 2021 · Updated 4 years ago
- Putting the C2 in C2loudflare ☆18 · Jun 28, 2024 · Updated last year
- Black Devil (黑魔鬼) plugin ☆19 · Jan 30, 2021 · Updated 5 years ago
- Awesome MalDev Links ☆52 · Updated this week