NUL0x4C / FetchPayloadFromDummyFile
Construct the payload at runtime using an array of offsets
☆63Updated 9 months ago
Alternatives and similar repositories for FetchPayloadFromDummyFile:
Users that are interested in FetchPayloadFromDummyFile are comparing it to the libraries listed below
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 7 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- ☆125Updated 7 months ago
- ☆95Updated 7 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆85Updated 9 months ago
- Section-based payload obfuscation technique for x64☆59Updated 7 months ago
- ☆103Updated 2 weeks ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆118Updated 6 months ago
- ☆105Updated 2 months ago
- Windows Thread Pool Injection Havoc Implementation☆28Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆60Updated last year
- A Mythic agent for Windows written in C☆112Updated this week
- BOF with Synthetic Stackframe☆137Updated last month
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆98Updated last week
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆73Updated last month
- Find DLLs with RWX section☆79Updated last year
- Do some DLL SideLoading magic☆80Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆72Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆88Updated 3 weeks ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆172Updated last month
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆47Updated 10 months ago
- A collection of position independent coding resources☆68Updated last month
- ☆54Updated 5 months ago
- ☆104Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆79Updated 5 months ago
- A python script that automates a C2 Profile build☆35Updated last week
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆102Updated 2 months ago
- Create Anti-Copy DRM Malware☆55Updated 7 months ago