NUL0x4C / NoRunPI
Run Your Payload Without Running Your Payload
☆180Updated 2 years ago
Alternatives and similar repositories for NoRunPI:
Users that are interested in NoRunPI are comparing it to the libraries listed below
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆202Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆144Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆194Updated 2 years ago
- Generate Shellcode Loaders & Injects☆155Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- EDRSandblast-GodFault☆257Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆181Updated last year
- Do some DLL SideLoading magic☆79Updated last year
- Patch AMSI and ETW☆237Updated 10 months ago
- Weaponized HellsGate/SigFlip☆198Updated last year
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆186Updated last year
- Execute shellcode files with rundll32☆193Updated last year
- Patching AmsiOpenSession by forcing an error branching☆143Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆176Updated last year
- ☆107Updated last year
- ☆162Updated last year
- Execute shellcode from a remote-hosted bin file using Winhttp.☆231Updated last year
- Beacon Object File Loader☆284Updated last year
- POC for frustrating/defeating Malware Analysts☆154Updated 2 years ago
- ☆181Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆323Updated 8 months ago
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆195Updated 9 months ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆135Updated last year
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆157Updated 9 months ago
- PE obfuscator with Evasion in mind☆213Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆289Updated last year
- ☆299Updated last year
- Identify and exploit leaked handles for local privilege escalation.☆106Updated last year
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆172Updated 2 years ago