NVISOsecurity / codasm
Payload encoding utility to effectively lower payload entropy.
☆90Updated last month
Related projects ⓘ
Alternatives and complementary repositories for codasm
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆205Updated last month
- A set of programs for analyzing common vulnerabilities in COM☆152Updated 2 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆135Updated last week
- Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored …☆89Updated last week
- early cascade injection PoC based on Outflanks blog post☆91Updated this week
- ☆125Updated 3 months ago
- ☆116Updated 2 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆117Updated 3 months ago
- ☆173Updated 11 months ago
- Exploitation of process killer drivers☆186Updated last year
- ☆133Updated last year
- Local & remote Windows DLL Proxying☆161Updated 4 months ago
- Bypass LSA protection using the BYODLL technique☆142Updated last month
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆168Updated 10 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆149Updated 5 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆153Updated 2 weeks ago
- ☆95Updated last week
- Template-based generation of shellcode loaders☆65Updated 6 months ago
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls☆102Updated last month
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆81Updated 4 months ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆89Updated 4 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆75Updated last month
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆122Updated 5 months ago
- PE obfuscator with Evasion in mind☆210Updated last year
- This repository implements Threadless Injection in C☆153Updated 10 months ago
- EDRSandblast-GodFault☆240Updated last year
- Your syscall factory☆122Updated last month
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year