JayGLXR / RustySpy
A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure data exfiltration and EDR suppression features.
☆14Updated 2 months ago
Alternatives and similar repositories for RustySpy:
Users that are interested in RustySpy are comparing it to the libraries listed below
- ☆27Updated 3 months ago
- Proxy function calls through the thread pool with ease☆25Updated 2 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Rust template/library for implementing your own COFF loader☆50Updated 3 months ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆21Updated last year
- BOF for C2 framework☆41Updated 5 months ago
- converts sRDI compatible dlls to shellcode☆26Updated 3 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 3 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆26Updated 3 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆53Updated last month
- ☆30Updated last month
- Cobalt Strike UDRL for memory scanner evasion.☆51Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆34Updated 7 months ago
- ☆17Updated 8 months ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- use python on windows with full submodule support without installation☆27Updated 3 months ago
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆27Updated 10 months ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- EmbedExeLnk by x86matthew modified by d4rkiZ☆42Updated 2 years ago
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆26Updated 2 months ago
- ☆43Updated last year
- A work in progress BOF/COFF loader in Rust☆47Updated 2 years ago
- ☆29Updated 4 months ago
- Less sugar (entropy) for your binaries☆20Updated last month
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- Execute dotnet app from unmanaged process☆73Updated 4 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆24Updated 3 weeks ago
- ☆20Updated 10 months ago
- ☆23Updated 2 months ago