Teach2Breach / snapinject_rsView external linksLinks
A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial process, takes a snapshot of the process, and injects shellcode into it.
☆50Jan 25, 2025Updated last year
Alternatives and similar repositories for snapinject_rs
Users that are interested in snapinject_rs are comparing it to the libraries listed below
Sorting:
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆161Oct 31, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- find dll base addresses without PEB WALK☆157Jul 13, 2025Updated 7 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆172Nov 28, 2025Updated 2 months ago
- Execute shellcode via Bluetooth device authentication☆40Feb 19, 2025Updated 11 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 10 months ago
- Call Stack Spoofing for Rust☆209Jan 28, 2026Updated 2 weeks ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆116Jan 20, 2025Updated last year
- A bunch of shenanigans using functions, VEH and more☆37Jun 8, 2025Updated 8 months ago
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A synergized Visual Studio and Rust development environment☆19Jan 25, 2025Updated last year
- BOF with Synthetic Stackframe☆220Oct 30, 2025Updated 3 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆66Feb 11, 2025Updated last year
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆231Feb 12, 2025Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆33Jun 23, 2024Updated last year
- Parser and reconciliation tooling for large Active Directory environments.☆33Feb 18, 2025Updated 11 months ago
- Shellcode loader designed for evasion. Coded in Rust.☆134Mar 5, 2023Updated 2 years ago
- A reflective DLL development template for the Rust programming language☆113Nov 4, 2025Updated 3 months ago
- Dynamically invoke arbitrary code in Rust (Dinvoke)☆101Dec 1, 2025Updated 2 months ago
- converts sRDI compatible dlls to shellcode☆35Jan 20, 2025Updated last year
- Sleep obfuscation☆265Dec 13, 2024Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Sep 18, 2024Updated last year
- ☆26Feb 11, 2025Updated last year
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆135Apr 18, 2025Updated 9 months ago
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 7 months ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- A Rust implementation of Internal-Monologue — retrieving NetNTLM hashes without touching LSASS, leveraging SSPI for NTLM negotiation and …☆191Apr 26, 2025Updated 9 months ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆50May 5, 2025Updated 9 months ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆59Dec 11, 2024Updated last year
- Early cascade injection PoC based on Outflanks blog post written in Rust☆67Dec 26, 2025Updated last month
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆296Jul 31, 2024Updated last year
- BOF to decrypt Signal Desktop chat logs☆72Feb 20, 2025Updated 11 months ago
- Port of Cobalt Strike's Process Inject Kit☆190Dec 1, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post☆236Nov 7, 2024Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆399Sep 26, 2024Updated last year