Maldev-Academy / RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
☆256Updated last year
Alternatives and similar repositories for RemoteTLSCallbackInjection:
Users that are interested in RemoteTLSCallbackInjection are comparing it to the libraries listed below
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆183Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆319Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆247Updated 11 months ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans☆366Updated last year
- Generic PE loader for fast prototyping evasion techniques☆229Updated 8 months ago
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆280Updated 10 months ago
- AV bypass while you sip your Chai!☆219Updated 10 months ago
- ☆255Updated last year
- 「💀」Proof of concept on BYOVD attack☆156Updated 3 months ago
- Remote Shellcode Injector☆212Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆349Updated 3 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆335Updated last month
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆393Updated last year
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆292Updated last year
- Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection☆286Updated 10 months ago
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆301Updated 5 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆244Updated 8 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆158Updated 10 months ago
- Weaponized HellsGate/SigFlip☆198Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆305Updated 11 months ago
- This repository implements Threadless Injection in C☆161Updated last year
- EDRSandblast-GodFault☆257Updated last year
- Native Syscalls Shellcode Injector☆266Updated last year
- Slides & Code snippets for a workshop held @ x33fcon 2024☆256Updated 9 months ago
- kernel callback removal (Bypassing EDR Detections)☆142Updated last week
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆184Updated 4 months ago
- Shaco is a linux agent for havoc☆157Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆286Updated last year
- Sleep obfuscation☆212Updated 3 months ago
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆233Updated 3 months ago