Teach2Breach / hollow_rsLinks
A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.
☆30Updated 7 months ago
Alternatives and similar repositories for hollow_rs
Users that are interested in hollow_rs are comparing it to the libraries listed below
Sorting:
- ☆53Updated 3 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆60Updated 7 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆62Updated 2 weeks ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆68Updated 3 weeks ago
- Rust template/library for implementing your own COFF loader☆69Updated 7 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆58Updated 5 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆50Updated 5 months ago
- remote process injections using pool party techniques☆66Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆55Updated 5 months ago
- Impersonate Tokens using only NTAPI functions☆80Updated 5 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 7 months ago
- BOF to decrypt Signal Desktop chat logs☆71Updated 6 months ago
- BOF for C2 framework☆43Updated 10 months ago
- ☆53Updated 8 months ago
- A process injection technique using only thread context manipulation☆38Updated last year
- Modern PIC implant for Windows (64 & 32 bit)☆103Updated last month
- Proxy function calls through the thread pool with ease☆29Updated 6 months ago
- converts sRDI compatible dlls to shellcode☆31Updated 7 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- Lateral Movement as loggedon User via Speech Named Pipe COM & ISpeechNamedPipe + COM Hijacking☆128Updated 2 months ago
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆36Updated last month
- A collection of position independent coding resources☆93Updated last week
- Post-Ex BOF tooling for Hannibal☆24Updated 9 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆69Updated last month
- This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…☆49Updated 4 months ago
- Linker for Beacon Object Files☆128Updated last week
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆67Updated last year
- GPOAnalyzer is a tool designed to assist in parsing domain Group Policy Object (GPO) files located in the SYSVOL directory.☆27Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆60Updated 10 months ago
- From C, Rust or Zig to binary shellcode compiler based on Mingw gcc. It allows using Win32 APIs and standard libraries without any change…☆43Updated last week