Payload encoding utility to effectively lower payload entropy.
☆124Apr 15, 2025Updated 10 months ago
Alternatives and similar repositories for codasm
Users that are interested in codasm are comparing it to the libraries listed below
Sorting:
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆281Sep 18, 2024Updated last year
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).☆43Apr 2, 2025Updated 10 months ago
- Lightweight PDB symbol parser and resolver☆28Oct 28, 2024Updated last year
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆323Jan 17, 2024Updated 2 years ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆199Jun 17, 2025Updated 8 months ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- ☆126Sep 1, 2024Updated last year
- HookChain: A new perspective for Bypassing EDR Solutions☆590Jan 5, 2025Updated last year
- A lexer and parser for Sleep☆20Feb 20, 2026Updated last week
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆185Oct 29, 2025Updated 4 months ago
- ☆124May 12, 2021Updated 4 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- ☆31Jul 26, 2024Updated last year
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated last month
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆122Sep 8, 2024Updated last year
- Process Injection using Thread Name☆299Apr 18, 2025Updated 10 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- COM ViewLogger — new malware keylogging technique☆404Jan 6, 2025Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆86Apr 26, 2025Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆102Jun 16, 2024Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Mar 27, 2025Updated 11 months ago
- A Mythic Agent written in PIC C.☆207Feb 4, 2025Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆400Sep 26, 2024Updated last year
- ☆42Feb 18, 2025Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- Yet another LLVM-based obfuscator☆124Sep 3, 2024Updated last year
- Aims to identify sleeping beacons☆662Jan 25, 2026Updated last month
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.☆78Mar 29, 2025Updated 11 months ago
- A BOF that runs unmanaged PEs inline☆680Oct 23, 2024Updated last year
- Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry☆458Aug 2, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆214Oct 19, 2024Updated last year
- BOF to decrypt Signal Desktop chat logs☆71Feb 20, 2025Updated last year