Do some DLL SideLoading magic
☆89Sep 20, 2023Updated 2 years ago
Alternatives and similar repositories for SideLoadingDLL
Users that are interested in SideLoadingDLL are comparing it to the libraries listed below
Sorting:
- Just another Process Injection using Process Hollowing technique.☆18Sep 18, 2023Updated 2 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind☆482Jul 12, 2023Updated 2 years ago
- A collection of (even more) alternative shellcode callback methods in CSharp☆81Oct 26, 2024Updated last year
- A simple PoC of injection shellcode into a remote process and get the output using namepipe☆44Jan 10, 2024Updated 2 years ago
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆99Oct 13, 2022Updated 3 years ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- ☆43Jan 2, 2023Updated 3 years ago
- A C port of b33f's UrbanBishop☆38Oct 1, 2020Updated 5 years ago
- XLL Phishing Tradecraft☆439May 24, 2022Updated 3 years ago
- WNF Code Execution Library Using C#☆110May 18, 2020Updated 5 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆193Nov 15, 2022Updated 3 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- A care package of useful bofs for red team engagments☆53Dec 6, 2024Updated last year
- Patching AmsiOpenSession by forcing an error branching☆154Aug 2, 2023Updated 2 years ago
- Standalone Cobalt Strike operation logging Aggressor script for Ghostwriter 2.0+☆35Dec 1, 2025Updated 2 months ago
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆86Mar 19, 2023Updated 2 years ago
- WptsExtensions.dll for exploiting DLL hijacking of the task scheduler.☆56Jun 30, 2021Updated 4 years ago
- Multithreaded C# .NET Assembly to enumerate accessible network shares in a domain☆34Nov 13, 2023Updated 2 years ago
- ☆152Oct 2, 2023Updated 2 years ago
- An open-source process injection enumeration tool written in C#☆174Dec 16, 2022Updated 3 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆258Jun 29, 2024Updated last year
- ☆84Aug 18, 2022Updated 3 years ago
- Find DLLs with RWX section☆79Jul 3, 2023Updated 2 years ago
- Generate Apache mod_rewrite rules for Mythic C2 profiles☆36Jul 22, 2021Updated 4 years ago
- C# havoc implant☆100Feb 12, 2023Updated 3 years ago
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- ☆60Dec 15, 2023Updated 2 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆209Nov 12, 2025Updated 3 months ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 2 years ago
- ☆84Nov 21, 2024Updated last year
- Flexible C# shellcode runner☆39Jan 18, 2022Updated 4 years ago
- Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post☆130Jan 14, 2023Updated 3 years ago
- laZzzy is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques.☆501Jan 10, 2023Updated 3 years ago
- Miscellaneous examples for use with Cobalt Strike Beacon☆10Nov 19, 2020Updated 5 years ago
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Quick python script to replace the NtAPI functions within SysWhispers' assembly and header files with random strings☆28May 30, 2022Updated 3 years ago