NUL0x4C / RecycleBinPersistence
using the Recycle Bin to insure persistence
☆12Updated 2 years ago
Alternatives and similar repositories for RecycleBinPersistence:
Users that are interested in RecycleBinPersistence are comparing it to the libraries listed below
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆17Updated 3 years ago
- Using Thread Description To Hide Shellcodes☆14Updated 2 years ago
- Process injection via KernelCallbackTable☆14Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆17Updated 3 years ago
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 6 years ago
- Remote PE reflective injection with a simple reflective loader☆31Updated 5 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 2 years ago
- Just another casual shellcode native loader☆24Updated 3 years ago
- Hooking Heavens Gate in a weekend☆13Updated 3 years ago
- Manually perform syscalls without going through any external API or DLL.☆18Updated last year
- using the kct to run your shellcode the apt style☆14Updated 2 years ago
- Utilizing Alternative Shellcode Execution Via Callbacks☆13Updated last year
- XOrCryptEx lightweight C Utility/Algorithm☆11Updated 3 years ago
- Collection of shellcode injection and execution techniques☆16Updated 3 years ago
- Dangling COM Keys Finder☆17Updated 3 years ago
- Process Injection: APC Injection☆29Updated 4 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆12Updated 5 months ago
- really ?☆12Updated last year
- Malware persistence via COM DLL hijacking. C++ implementation example☆14Updated 2 years ago
- Classic DLL injection. Download dll from url and inject. Simple C++ implementation☆10Updated 2 years ago
- Listing UDP connections with remote address without sniffing.☆30Updated last year
- A PoC tool for exploiting leaked process and thread handles☆30Updated last year
- A console obfuscator for .NET assemblies.☆10Updated 2 years ago
- A kernel mode Windows rootkit in development.☆48Updated 3 years ago
- automates exploits using ROP chains, using ntdll-scraper☆16Updated 2 years ago
- Six cases demonstrating methods of optimizing GetProcAddress☆17Updated 3 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆20Updated 2 years ago
- Injects position-dependent code into a code cave in an executable file, and applies relocations.☆22Updated last year
- Anti-Analysis technique, trick the debugger by Hiding events from it.☆19Updated 3 years ago
- An attempt at reversing WindowsDefender☆20Updated 5 months ago