☆46Jun 21, 2023Updated 2 years ago
Alternatives and similar repositories for Steganim
Users that are interested in Steganim are comparing it to the libraries listed below
Sorting:
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- ☆29May 10, 2024Updated last year
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- Splitting and executing shellcode across multiple pages☆103Jun 8, 2023Updated 2 years ago
- ☆39May 20, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- ☆48May 12, 2021Updated 4 years ago
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- Nim Shellcode Injector☆15Jan 24, 2021Updated 5 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆186Feb 12, 2023Updated 3 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆94Aug 1, 2022Updated 3 years ago
- ☆319Jun 28, 2023Updated 2 years ago
- Updated version of a long known self deletion technique to work with 24H2.☆61Jun 9, 2025Updated 8 months ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- malware written for educational purposes☆71Dec 31, 2025Updated 2 months ago
- C# POC code for the SessionEnv dll hijack by utilizing called functions of TSMSISrv.dll☆62Apr 18, 2019Updated 6 years ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- ☆125Jun 28, 2023Updated 2 years ago
- Etwti-UnhookPOC just for test☆12Aug 23, 2022Updated 3 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆122May 29, 2024Updated last year
- ☆65Mar 15, 2024Updated last year
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆160Jul 14, 2025Updated 7 months ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆129Sep 27, 2023Updated 2 years ago
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆351Aug 29, 2024Updated last year
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated 10 months ago
- ☆224Oct 22, 2023Updated 2 years ago
- PE Crypter written in Nim☆101Mar 25, 2021Updated 4 years ago
- ☆152Oct 2, 2023Updated 2 years ago
- An App Domain Manager Injection DLL PoC on steroids☆212Dec 14, 2023Updated 2 years ago
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆38Dec 7, 2025Updated 2 months ago