Maldev-Academy / RemoteTLSCallbackInjection
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
☆245Updated last year
Alternatives and similar repositories for RemoteTLSCallbackInjection:
Users that are interested in RemoteTLSCallbackInjection are comparing it to the libraries listed below
- ☆249Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆274Updated 9 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆180Updated last year
- This repository implements Threadless Injection in C☆158Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆334Updated 2 weeks ago
- Native Syscalls Shellcode Injector☆264Updated last year
- Remote Shellcode Injector☆208Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 8 months ago
- .NET assembly loader with patchless AMSI and ETW bypass☆315Updated last year
- Shaco is a linux agent for havoc☆156Updated last year
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆344Updated 2 months ago
- PE obfuscator with Evasion in mind☆214Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆287Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆246Updated 10 months ago
- ☆165Updated last year
- AV bypass while you sip your Chai!☆218Updated 9 months ago
- EDRSandblast-GodFault☆250Updated last year
- Sleep obfuscation☆206Updated 2 months ago
- Stage 0☆152Updated 2 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆291Updated last year
- early cascade injection PoC based on Outflanks blog post☆206Updated 3 months ago
- Hide your P/Invoke signatures through other people's signed assemblies☆203Updated 11 months ago
- 「💀」Proof of concept on BYOVD attack☆154Updated 2 months ago
- ☆271Updated last year
- Generic PE loader for fast prototyping evasion techniques☆225Updated 7 months ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆389Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆187Updated 2 weeks ago
- Collect Windows telemetry for Maldev☆298Updated 2 weeks ago
- Stealthily inject shellcode into an executable☆150Updated last month
- Slides & Code snippets for a workshop held @ x33fcon 2024☆251Updated 8 months ago