Kudaes / EPI
Threadless Process Injection through entry point hijacking
☆329Updated last week
Related projects: ⓘ
- ROP-based sleep obfuscation to evade memory scanners☆312Updated 6 months ago
- Dynamically invoke arbitrary unmanaged code☆299Updated 3 weeks ago
- Apply a divide and conquer approach to bypass EDRs☆268Updated 11 months ago
- Call stack spoofing for Rust☆284Updated 2 weeks ago
- Reduce Entropy And Obfuscate Youre Payload With Serialized Linked Lists☆365Updated last year
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆311Updated 6 months ago
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.☆221Updated last month
- Using fibers to run in-memory code.☆190Updated 11 months ago
- A BOF that runs unmanaged PEs inline☆520Updated this week
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆287Updated last year
- TartarusGate, Bypassing EDRs☆519Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆219Updated 2 months ago
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆296Updated last year
- Performing Indirect Clean Syscalls☆451Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆332Updated last year
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆342Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆320Updated 3 months ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆363Updated 8 months ago
- Native Syscalls Shellcode Injector☆259Updated last year
- Dump the memory of any PPL with a Userland exploit chain☆327Updated last year
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆219Updated 11 months ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆247Updated 8 months ago
- Because AV evasion should be easy.☆297Updated 2 months ago
- Replace the .txt section of the current loaded modules from \KnownDlls\ to bypass edrs☆286Updated last year
- ☆309Updated this week
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆299Updated last year
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆597Updated last year
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆355Updated last year
- Encypting the Heap while sleeping by hooking and modifying Sleep with our own sleep that encrypts the heap☆235Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆612Updated last year