MatheuZSecurity / ElfDoor-gcc
ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.
☆105Updated last month
Alternatives and similar repositories for ElfDoor-gcc
Users that are interested in ElfDoor-gcc are comparing it to the libraries listed below
Sorting:
- Windows rootkit designed to work with BYOVD exploits☆198Updated 4 months ago
- ☆105Updated 6 months ago
- ☆141Updated 6 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆94Updated last week
- "Service-less" driver loading☆154Updated 5 months ago
- A Mythic Agent written in PIC C.☆189Updated 3 months ago
- Shellcode encryptor using a substitution cipher with a randomly generated key.☆128Updated 4 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆179Updated 3 months ago
- ☆54Updated 3 weeks ago
- POC of GITHUB simple C2 in rust☆53Updated 3 months ago
- Payload encoding utility to effectively lower payload entropy.☆116Updated last month
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆109Updated 8 months ago
- Sleep obfuscation☆222Updated 5 months ago
- Using the Counter Strike 1.6 RCON protocol as a C2 Channel.☆78Updated 2 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆89Updated 11 months ago
- This repository implements Threadless Injection in C☆167Updated last year
- Stage 0☆159Updated 5 months ago
- Local & remote Windows DLL Proxying☆164Updated 11 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆105Updated 4 months ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆141Updated 9 months ago
- CVE-2024-30090 - LPE PoC☆106Updated 7 months ago
- Automated .NET AppDomain hijack payload generation☆124Updated 3 months ago
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆111Updated last year
- Injecting DLL into LSASS at boot☆105Updated 2 weeks ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆261Updated 8 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated last month
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- In-Memory Rootkit For Linux☆70Updated 3 weeks ago
- C++ Staged Shellcode Loader with Evasion capabilities.☆90Updated 7 months ago
- Collection of codes focused on Linux rootkits☆107Updated 2 months ago