NtDallas / Fenrir
stack spoofing
☆79Updated 2 months ago
Alternatives and similar repositories for Fenrir:
Users that are interested in Fenrir are comparing it to the libraries listed below
- ☆84Updated 5 months ago
- ☆97Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆59Updated 10 months ago
- Execute dotnet app from unmanaged process☆69Updated last month
- ☆48Updated 3 weeks ago
- Reimplementation of the KExecDD DSE bypass technique.☆45Updated 5 months ago
- ☆92Updated 3 weeks ago
- converts sRDI compatible dlls to shellcode☆20Updated 3 weeks ago
- ☆36Updated 2 years ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆45Updated 11 months ago
- BOF with Synthetic Stackframe☆106Updated 3 weeks ago
- Section-based payload obfuscation technique for x64☆59Updated 6 months ago
- ☆60Updated 8 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 6 months ago
- Exploiting the KsecDD Windows driver through Server Silos☆49Updated 3 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆38Updated 5 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆62Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆41Updated last year
- Threadless shellcode injection tool☆63Updated 6 months ago
- TypeLib persistence technique☆106Updated 3 months ago
- Shellcode loader☆77Updated 2 months ago
- Malware?☆69Updated 4 months ago
- ☆46Updated 2 years ago