NUL0x4C / FetchPayloadFromDummyFile
Construct the payload at runtime using an array of offsets
☆63Updated 10 months ago
Alternatives and similar repositories for FetchPayloadFromDummyFile:
Users that are interested in FetchPayloadFromDummyFile are comparing it to the libraries listed below
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆92Updated 2 weeks ago
- ☆122Updated last year
- ☆125Updated 7 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆106Updated 2 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆76Updated 2 months ago
- ☆108Updated 3 months ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆74Updated last month
- Two in one, patch lifetime powershell console, no more etw and amsi!☆88Updated this week
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆48Updated 11 months ago
- shell code example☆46Updated last week
- ☆154Updated 4 months ago
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆148Updated last year
- A Mythic agent for Windows written in C☆119Updated this week
- Impersonate Tokens using only NTAPI functions☆64Updated 3 weeks ago
- Windows Thread Pool Injection Havoc Implementation☆29Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆92Updated this week
- A collection of position independent coding resources☆76Updated 2 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆114Updated 2 months ago
- Shellcode loader☆81Updated 5 months ago
- Section-based payload obfuscation technique for x64☆59Updated 8 months ago
- A tool to modify SCCM remote control settings on the client machine, enabling remote control without permission prompts or notifications.…☆87Updated 6 months ago
- TypeLib persistence technique☆114Updated 6 months ago
- ☆97Updated 7 months ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 3 weeks ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆62Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- ☆103Updated 3 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆97Updated last year