S3cur3Th1sSh1t / NimShellcodeFluctuation
ShellcodeFluctuation PoC ported to Nim
☆75Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for NimShellcodeFluctuation
- A quick example of the Hells Gate technique in Nim☆92Updated 3 years ago
- ☆47Updated last year
- D/Invoke implementation in Nim☆99Updated 2 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆91Updated 2 years ago
- ☆61Updated 2 years ago
- ☆34Updated last year
- PoC XLL builder in Python/Nim☆41Updated 2 years ago
- ☆59Updated 4 months ago
- Sleep Obfuscation☆41Updated 2 years ago
- Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.☆19Updated 2 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆76Updated 2 years ago
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆86Updated 2 years ago
- this repo is to cover the other undocumented or published / in different langaue to achieve shellcode injection via windows callback func…☆82Updated 2 years ago
- A third-party Gopher Assassin for the Havoc Framework.☆44Updated 10 months ago
- Grab unsaved Notepad contents with a Beacon Object File☆48Updated 2 years ago
- Tool for playing with Windows Access Token manipulation.☆52Updated last year
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆138Updated 2 years ago
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- Threadless shellcode injection tool☆61Updated 3 months ago
- ☆39Updated last year
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Unchain AMSI by patching the provider’s unmonitored memory space☆88Updated 2 years ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆80Updated last year
- HelpSystems Nanodump, but wrapped in powershell via Invoke-ReflectivePEInjection☆53Updated 2 years ago
- C# Port of LdapRelayScan☆77Updated 2 years ago
- Lateral Movement via the .NET Profiler☆76Updated this week
- A care package of useful bofs for red team engagments☆48Updated 2 years ago
- Depending on the AV/EPP/EDR creating a Taskschedule Job with a default cradle is often flagged☆86Updated 2 years ago