Kudaes / rust_tips_and_tricks
Rust For Windows Cheatsheet
☆110 · Updated last week
Related projects
Alternatives and complementary repositories for rust_tips_and_tricks
- DLL proxying for lazy people ☆135 · Updated last week
- Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored … ☆89 · Updated last week
- Some Rust program I wrote while learning Malware Development ☆110 · Updated 3 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows. ☆187 · Updated last year
- Rusty Impersonate ☆94 · Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… ☆153 · Updated 2 weeks ago
- Exploitation of process killer drivers ☆186 · Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan… ☆205 · Updated last month
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge … ☆159 · Updated last year
- Host CLR and run .NET binaries using Rust ☆56 · Updated last week
- A set of programs for analyzing common vulnerabilities in COM ☆152 · Updated 2 months ago
- Malware? ☆69 · Updated last month
- Detect EDR's exceptions by inspecting processes' loaded modules ☆121 · Updated 7 months ago
- Using fibers to run in-memory code. ☆193 · Updated last year
- Template-based generation of shellcode loaders ☆65 · Updated 6 months ago
- An improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls ☆102 · Updated last month
- 64-bit, position-independent implant template for Windows in Rust. ☆75 · Updated last month
- Experiment on reproducing Obfuscate & Sleep ☆138 · Updated 3 years ago
- Early Bird APC Injection in Rust ☆50 · Updated last month
- Bypass LSA protection using the BYODLL technique ☆142 · Updated last month
- early cascade injection PoC based on Outflank's blog post ☆91 · Updated this week
- Massayo is a small proof-of-concept Rust library which removes AV/EDR hooks in a given system DLL ☆64 · Updated 2 years ago
- different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless) ☆175 · Updated last year
- Find DLLs with RWX section ☆75 · Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies ☆114 · Updated 5 months ago
- Lateral Movement Using DCOM and DLL Hijacking ☆279 · Updated last year