Apply a divide and conquer approach to bypass EDRs
☆286Oct 19, 2023Updated 2 years ago
Alternatives and similar repositories for Split
Users that are interested in Split are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆263Jun 29, 2024Updated last year
- Dynamically invoke arbitrary unmanaged code☆359Feb 19, 2026Updated last month
- Call stack spoofing for Rust☆361Feb 7, 2025Updated last year
- Reuse open handles to dynamically dump LSASS.☆247Apr 4, 2024Updated 2 years ago
- Using fibers to run in-memory code.☆243Oct 19, 2023Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht…☆673Dec 23, 2022Updated 3 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Detect whether a service is installed (blindly) and/or running (if exposing named pipes) on a remote machine without using local admin pr…☆237Sep 3, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆1,009Jun 4, 2024Updated last year
- Threadless Process Injection using remote function hooking.☆808Sep 4, 2024Updated last year
- Detect EDR's exceptions by inspecting processes' loaded modules☆131Mar 15, 2024Updated 2 years ago
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆362Mar 2, 2024Updated 2 years ago
- (First Public?) Sample of unhooking ntdll (All Exports & IAT imports) hooks in Rust using in-memory disassembly, avoiding direct syscalls…☆138Mar 3, 2025Updated last year
- Performing Indirect Clean Syscalls☆607Apr 19, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A rust library that allows you to host the CLR and execute dotnet binaries.☆236Mar 12, 2025Updated last year
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆185Feb 12, 2023Updated 3 years ago
- EDRSandblast-GodFault☆271Aug 28, 2023Updated 2 years ago
- Patch AMSI and ETW☆249May 8, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆375Apr 19, 2023Updated 2 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆395Jan 9, 2024Updated 2 years ago
- a tool to help operate in EDRs' blind spots☆769Dec 2, 2024Updated last year
- ROP-based sleep obfuscation to evade memory scanners☆380Jun 22, 2025Updated 9 months ago
- Execute unmanaged Windows executables in CobaltStrike Beacons☆716Mar 4, 2023Updated 3 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- Lateral Movement Using DCOM and DLL Hijacking☆325Jun 18, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆683Aug 15, 2025Updated 7 months ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- ☆344Nov 10, 2025Updated 4 months ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆211Nov 12, 2025Updated 4 months ago
- Nameless C2 - A C2 with all its components written in Rust☆285Sep 26, 2024Updated last year
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆303Oct 26, 2022Updated 3 years ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUST☆721Aug 18, 2023Updated 2 years ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- Threadless Process Injection through entry point hijacking☆352Sep 10, 2024Updated last year
- DLL proxying for lazy people☆203Dec 1, 2025Updated 4 months ago
- ☆224Oct 22, 2023Updated 2 years ago
- PoCs and tools for investigation of Windows process execution techniques☆955Feb 2, 2026Updated 2 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆413Jan 11, 2026Updated 2 months ago
- ☆153Jan 6, 2023Updated 3 years ago
- Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting☆362Dec 19, 2022Updated 3 years ago