Nordgaren / stealth-win

Related projects ⓘ

Alternatives and complementary repositories for stealth-win

• gabriellandau / ShadowStackWalk
  Finding Truth in the Shadows
  ☆84Updated last year
• kkent030315 / razy_importer
  Rust implementation of lazy_importer
  ☆45Updated last year
• realoriginal / grimreaper
  A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
  ☆104Updated 2 months ago
• oberrich / phnt-rs
  Rust bindings to the System Informer's (formerly known as Process Hacker) "phnt" native Windows headers
  ☆39Updated 2 months ago
• connormcgarr / EATGuard
  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)
  ☆93Updated last year
• carlos-al / user-kernel-syscall-hook
  ☆82Updated 5 months ago
• dobin / RedEdr
  Collect Windows telemetry for Maldev
  ☆57Updated this week
• mannyfred / SentinelBruh
  Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution
  ☆38Updated 4 months ago
• rbmm / NtDetours
  Detours implementation (x64/x86) which used only ntdll import
  ☆88Updated 5 months ago
• realoriginal / angryorchard
  A kernel vulnerability used to achieve arbitrary read-write on Windows prior to July 2022
  ☆105Updated last year
• oldboy21 / SWAPPALA
  In-memory hiding technique
  ☆42Updated 5 months ago
• wildbook / hwbp-rs
  A thin Rust wrapper around Windows' hardware breakpoints.
  ☆20Updated 2 years ago
• Ben-Lichtman / reloader
  Reflective DLL self-loading as a library
  ☆19Updated last year
• realoriginal / blacklotus
  A attempt at replicating BLACKLOTUS capabilities, whilst not acting as a direct mimic.
  ☆85Updated last year
• zodiacon / NativePowers
  Native Powers Talk demos
  ☆14Updated last year
• zimnyaa / insomnia
  a stage1 DLL loader with sleep obfuscation
  ☆32Updated last year
• Azvanzed / vmw-logger-rs
  A VMWare logger using built-in backdoor.
  ☆25Updated last month
• gatariee / ldrgen
  Template-based generation of shellcode loaders
  ☆67Updated 7 months ago
• realoriginal / bootdoor
  An initial proof of concept of a bootkit based on Cr4sh's DMABackdoorBoot
  ☆59Updated last year
• gmh5225 / rust-mordor-rs
  Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library
  ☆24Updated 2 years ago
• passthehashbrowns / VectoredExceptionHandling
  ☆81Updated 3 months ago
• 0prrr / Malwear-Sweet
  Malware?
  ☆70Updated last month
• jdu2600 / EtwTi-FluctuationMonitor
  Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections
  ☆95Updated last year
• joaoviictorti / rustclr
  Host CLR and run .NET binaries using Rust
  ☆60Updated 2 weeks ago
• maziland / StackBombing
  Next gen process injection technique
  ☆42Updated 4 years ago
• melotic / rekk
  rekk is set of tools written in Rust to obfuscate ELF & PE executables with nanomites.
  ☆28Updated last year
• adamhlt / Cave-Finder
  Tool to find code cave in PE image (x86 / x64) - Find empty space to place code in PE files
  ☆59Updated last year
• frank2 / oxide
  A PoC packer written in Rust!
  ☆64Updated 2 years ago