NVISOsecurity/codasm external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

NVISOsecurity/codasm

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/NVISOsecurity/codasm)

Close

NVISOsecurity / codasmView on GitHubMore

• External links
• Readme badge

Payload encoding utility to effectively lower payload entropy.

☆125Apr 15, 2025Updated 11 months ago

Alternatives and similar repositories for codasm

Users that are interested in codasm are comparing it to the libraries listed below

• LLVMParty / LLVMCMakeTemplate

  View on GitHub
  Collection of scripts and CMake files to easily link to LLVM into your project (Windows, Linux, macOS).
  ☆43Apr 2, 2025Updated 11 months ago
• farfella / in-memory-cpython

  View on GitHub
  An In-memory Embedding of CPython
  ☆31May 24, 2021Updated 4 years ago
• pinwhell / MSPDBX

  View on GitHub
  Lightweight PDB symbol parser and resolver
  ☆29Oct 28, 2024Updated last year
• mr-r3bot / bof-modules

  View on GitHub
  BOF for C2 framework
  ☆44Nov 9, 2024Updated last year
• Octoberfest7 / Secure_Stager

  View on GitHub
  An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
  ☆195Nov 27, 2024Updated last year
• EvanMcBroom / sleepy

  View on GitHub
  A lexer and parser for Sleep
  ☆20Feb 20, 2026Updated last month
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆283Sep 18, 2024Updated last year
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆126Sep 1, 2024Updated last year
• zzhsec / NlsCodeInjectionThroughRegistry

  View on GitHub
  Dll injection through code page id modification in registry. Based on jonas lykk research
  ☆17Jun 18, 2022Updated 3 years ago
• Teach2Breach / rpeloader

  View on GitHub
  use python on windows with full submodule support without installation
  ☆30Jan 23, 2025Updated last year
• voidvxvi / EnableAllTokenPrivs

  View on GitHub
  Enable or Disable TokenPrivilege(s)
  ☆15May 17, 2024Updated last year
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆211Nov 12, 2025Updated 4 months ago
• rasta-mouse / Crystal-Loaders

  View on GitHub
  A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike
  ☆193Oct 29, 2025Updated 4 months ago
• brew02 / BudgetEPT

  View on GitHub
  Create stealthy, inline, EPT-like hooks using SMAP and SMEP
  ☆61Oct 19, 2024Updated last year
• Friends-Security / RedirectThread

  View on GitHub
  Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…
  ☆199Jun 17, 2025Updated 9 months ago
• CICADA8-Research / Spyndicapped

  View on GitHub
  COM ViewLogger — new malware keylogging technique
  ☆407Jan 6, 2025Updated last year
• helviojunior / hookchain

  View on GitHub
  HookChain: A new perspective for Bypassing EDR Solutions
  ☆594Jan 5, 2025Updated last year
• ViperXSecurity / lib-nosa

  View on GitHub
  lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
  ☆122Sep 8, 2024Updated last year
• MzHmO / SymProcAddress

  View on GitHub
  Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)
  ☆144Mar 16, 2024Updated 2 years ago
• joaoviictorti / uwd

  View on GitHub
  Call Stack Spoofing for Rust
  ☆212Jan 28, 2026Updated last month
• janoglezcampos / llvm-yx-callobfuscator

  View on GitHub
  LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.
  ☆324Jan 17, 2024Updated 2 years ago
• Teach2Breach / phantom_persist_rs

  View on GitHub
  Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence
  ☆63Jun 23, 2025Updated 8 months ago
• boku7 / patchwerk

  View on GitHub
  BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)
  ☆195Feb 6, 2025Updated last year
• rbmm / RtlClone

  View on GitHub
  ☆42Feb 18, 2025Updated last year
• MythicAgents / Hannibal

  View on GitHub
  A Mythic Agent written in PIC C.
  ☆206Feb 4, 2025Updated last year
• hasherezade / thread_namecalling

  View on GitHub
  Process Injection using Thread Name
  ☆307Apr 18, 2025Updated 11 months ago
• Offensive-Panda / LsassReflectDumping

  View on GitHub
  This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…
  ☆216Oct 19, 2024Updated last year
• Cracked5pider / earlycascade-injection

  View on GitHub
  early cascade injection PoC based on Outflanks blog post
  ☆239Nov 7, 2024Updated last year
• zero2504 / Shadow-Rebirth

  View on GitHub
  Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique
  ☆20Dec 3, 2024Updated last year
• fortra / No-Consolation

  View on GitHub
  A BOF that runs unmanaged PEs inline
  ☆683Oct 23, 2024Updated last year
• zimnyaa / xyrella

  View on GitHub
  PoC XLL builder in Python/Nim
  ☆49Nov 21, 2022Updated 3 years ago
• Crypt0s / Ekko_CFG_Bypass

  View on GitHub
  A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process
  ☆115Aug 29, 2022Updated 3 years ago
• akamai / Mirage

  View on GitHub
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆104Feb 25, 2025Updated last year
• Tylous / FaceDancer

  View on GitHub
  FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…
  ☆407Sep 26, 2024Updated last year
• jakobfriedl / BenevolentLoader

  View on GitHub
  Shellcode loader using direct syscalls via Hell's Gate and payload encryption.
  ☆102Jun 16, 2024Updated last year
• dsnezhkov / shutter

  View on GitHub
  ☆124May 12, 2021Updated 4 years ago
• AmitMoshel1 / PatchGuardEncryptorDriver

  View on GitHub
  A basic implementation of Patch Guard that I implemented, that includes integrity checks and other protection mechanisms I added.
  ☆78Mar 29, 2025Updated 11 months ago
• senzee1984 / EDRPrison

  View on GitHub
  Leverage a legitimate WFP callout driver to prevent EDR agents from sending telemetry
  ☆460Aug 2, 2024Updated last year
• Karkas66 / CelestialSpark

  View on GitHub
  Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …
  ☆103Mar 27, 2025Updated 11 months ago