MatheuZSecurity / ElfDoor-gccLinks
ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
☆113Updated 2 months ago
Alternatives and similar repositories for ElfDoor-gcc
Users that are interested in ElfDoor-gcc are comparing it to the libraries listed below
Sorting:
- Windows rootkit designed to work with BYOVD exploits☆200Updated 5 months ago
- ☆107Updated 7 months ago
- ☆142Updated 7 months ago
- Injecting DLL into LSASS at boot☆123Updated last month
- ☆133Updated 3 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆110Updated last month
- Payload encoding utility to effectively lower payload entropy.☆117Updated 2 months ago
- ☆57Updated 2 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆112Updated 9 months ago
- "Service-less" driver loading☆155Updated 6 months ago
- CVE-2024-30090 - LPE PoC☆107Updated 8 months ago
- Sleep obfuscation☆228Updated 6 months ago
- Collection of codes focused on Linux rootkits☆131Updated last week
- A Mythic Agent written in PIC C.☆190Updated 4 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆184Updated 4 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆110Updated 6 months ago
- Windows Persistence IT-Security☆101Updated 3 months ago
- BSides Prishtina 2024 Malware Development and Persistence workshop☆83Updated 3 weeks ago
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆81Updated 4 months ago
- ☆121Updated 9 months ago
- In-Memory Rootkit For Linux☆70Updated 2 weeks ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆90Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆44Updated last month
- Monarch - The Adversary Emulation Toolkit☆62Updated 5 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 5 months ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆92Updated 8 months ago
- Stage 0☆161Updated 6 months ago
- RunAs Utility Credential Stealer implementing 3 techniques : Hooking CreateProcessWithLogonW, Smart Keylogging, Remote Debugging☆193Updated 3 months ago
- ☆7Updated 5 months ago