NUL0x4C / NoRunPI
Run Your Payload Without Running Your Payload
☆180Updated 2 years ago
Alternatives and similar repositories for NoRunPI:
Users that are interested in NoRunPI are comparing it to the libraries listed below
- POC for frustrating/defeating Malware Analysts☆153Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆144Updated 2 years ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆202Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆194Updated 2 years ago
- Patch AMSI and ETW☆237Updated 10 months ago
- Beacon Object File Loader☆282Updated last year
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!☆322Updated 7 months ago
- Weaponized HellsGate/SigFlip☆198Updated last year
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆180Updated last year
- EDRSandblast-GodFault☆250Updated last year
- Evasive Golang Loader☆129Updated 7 months ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆111Updated last year
- Generate Shellcode Loaders & Injects☆155Updated last year
- WIP shellcode loader in nim with EDR evasion techniques☆209Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp.☆231Updated last year
- Patching AmsiOpenSession by forcing an error branching☆143Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆147Updated last year
- ☆107Updated last year
- POC tool to convert CobaltStrike BOF files to raw shellcode☆187Updated 3 years ago
- Lateral Movement Using DCOM and DLL Hijacking☆284Updated last year
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime☆302Updated last year
- random code snippets, useful for getting started☆116Updated 4 months ago
- Exploitation of process killer drivers☆197Updated last year
- Hookers are cooler than patches.☆168Updated 3 years ago
- Github as C2 Demonstration , free API = free C2 Infrastructure☆135Updated last year
- ☆148Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆318Updated last year
- ☆242Updated 2 years ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆214Updated last year
- ☆192Updated last month