Kudaes / RustHollow
Inject a shellcode in a remote process using Process Hollowing.
☆42Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for RustHollow
- Command & Control server and agent written in Rust☆34Updated 2 years ago
- ☆44Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆79Updated last year
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆77Updated last year
- Host CLR and run .NET binaries using Rust☆56Updated last week
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆94Updated last year
- ☆35Updated last year
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆113Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆55Updated last year
- TypeLib persistence technique☆68Updated 2 weeks ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆159Updated last year
- A work in progress BOF/COFF loader in Rust☆45Updated last year
- Donut generator in rust.☆23Updated 2 years ago
- Template-based generation of shellcode loaders☆65Updated 6 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- 64-bit, position-independent reverse tcp shell, built in Rust for Windows.☆44Updated last month
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆120Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆49Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated 2 months ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆99Updated 2 years ago
- Repo that holds random POCs☆45Updated 10 months ago
- Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library☆24Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆84Updated 7 months ago
- ☆95Updated last year
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆67Updated 8 months ago