Kudaes / RustChainLinks
Hide memory artifacts using ROP and hardware breakpoints.
☆146Updated last year
Alternatives and similar repositories for RustChain
Users that are interested in RustChain are comparing it to the libraries listed below
Sorting:
- Reuse open handles to dynamically dump LSASS.☆246Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆145Updated 2 years ago
- XOR decrypting shellcode using the GPU with OpenCL.☆100Updated last month
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆71Updated 2 months ago
- Identify and exploit leaked handles for local privilege escalation.☆108Updated 2 years ago
- EDR Detector that can find what kind of endpoint solution is being used according to drivers in the system.☆94Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆146Updated 3 years ago
- Exploitation of process killer drivers☆201Updated last year
- Shellcode loader that executes embedded Lua from Rust.☆114Updated 6 months ago
- Your syscall factory☆123Updated last week
- EDRSandblast-GodFault☆266Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆121Updated 2 years ago
- A simple PoC to invoke an encrypted shellcode by using an hidden call☆116Updated 2 years ago
- Some Rust program I wrote while learning Malware Development☆133Updated 4 months ago
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- An example reference design for a proposed BOF PE☆175Updated 2 months ago
- Detect EDR's exceptions by inspecting processes' loaded modules☆130Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆194Updated last year
- Template-based generation of shellcode loaders☆77Updated last year
- Executables on Disk? Bleh 🤮☆100Updated 2 years ago
- Select any exported function in a dll as the new dll's entry point.☆80Updated 8 months ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆205Updated 2 years ago
- Weaponized HellsGate/SigFlip☆199Updated 2 years ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆189Updated last year
- ☆111Updated 2 years ago
- Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.☆146Updated 2 years ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆196Updated last year
- I have documented all of the AMSI patches that I learned till now☆73Updated 3 months ago
- Bypass LSA protection using the BYODLL technique☆164Updated 9 months ago