Kudaes / DInvoke_rs
Dynamically invoke arbitrary unmanaged code
☆314Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for DInvoke_rs
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆320Updated 8 months ago
- Threadless Process Injection through entry point hijacking☆333Updated last month
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆187Updated last year
- Call stack spoofing for Rust☆298Updated 2 months ago
- ROP-based sleep obfuscation to evade memory scanners☆321Updated 8 months ago
- TartarusGate, Bypassing EDRs☆530Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆544Updated 2 weeks ago
- Rust For Windows Cheatsheet☆110Updated last week
- Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc.☆253Updated 9 months ago
- Using fibers to run in-memory code.☆193Updated last year
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆367Updated 10 months ago
- Dump the memory of any PPL with a Userland exploit chain☆331Updated last year
- A COFF loader made in Rust☆222Updated 3 weeks ago
- Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust☆239Updated 11 months ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆622Updated last year
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.☆237Updated 3 months ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆346Updated 2 years ago
- Apply a divide and conquer approach to bypass EDRs☆274Updated last year
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆302Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆438Updated 8 months ago
- Reuse open handles to dynamically dump LSASS.☆234Updated 7 months ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆255Updated 9 months ago
- Exploitation of process killer drivers☆186Updated last year
- Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs☆287Updated 2 years ago
- windows-rs shellcode loaders☆282Updated 3 months ago
- ☆506Updated 8 months ago
- miscellaneous scripts and programs☆214Updated last year
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆296Updated 2 months ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆339Updated last year