NUL0x4C / NoRunPI
Run Your Payload Without Running Your Payload
☆182 · Updated 2 years ago
Alternatives and similar repositories for NoRunPI
Users that are interested in NoRunPI are comparing it to the libraries listed below
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆205 · Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects ☆146 · Updated 3 years ago
- Patching AmsiOpenSession by forcing an error branching ☆145 · Updated last year
- WIP shellcode loader in nim with EDR evasion techniques ☆216 · Updated 3 years ago
- PE obfuscator with Evasion in mind ☆212 · Updated 2 years ago
- Weaponized HellsGate/SigFlip ☆199 · Updated last year
- Infect Shared Files In Memory for Lateral Movement ☆195 · Updated 2 years ago
- Execute shellcode from a remote-hosted bin file using Winhttp. ☆234 · Updated last year
- Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime ☆305 · Updated last year
- Execute shellcode files with rundll32 ☆197 · Updated last year
- Extracting NetNTLM without touching lsass.exe ☆235 · Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section ☆148 · Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass ☆330 · Updated 2 years ago
- Patch AMSI and ETW ☆239 · Updated last year
- POC for frustrating/defeating Malware Analysts ☆154 · Updated 2 years ago
- Beacon Object File Loader ☆287 · Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines. ☆110 · Updated last year
- Do some DLL SideLoading magic ☆83 · Updated last year
- EDRSandblast-GodFault ☆265 · Updated last year
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener. ☆165 · Updated 2 months ago
- Different ntdll unhooking techniques: unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless) ☆190 · Updated last year
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls. ☆322 · Updated 2 years ago
- A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features! ☆330 · Updated 10 months ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks. ☆187 · Updated last year
- Lateral Movement Using DCOM and DLL Hijacking ☆291 · Updated last year
- (Demo) 3rd party agent for Havoc ☆139 · Updated last year
- Evasive Golang Loader ☆131 · Updated 10 months ago