Trigleos / ELFREVGO
Anti-analysis tool that obfuscates ELF files
☆29Updated 4 years ago
Alternatives and similar repositories for ELFREVGO
Users that are interested in ELFREVGO are comparing it to the libraries listed below
- Load a statically-linked ELF binary (x86 architecture) without the execve syscall.☆42Updated 4 years ago
- Exploit targeting NT kernel in 24H2 Windows Insider Preview☆132Updated last year
- A Linux x86/x86-64 tool to trace registers and memory regions.☆38Updated 3 years ago
- A Python script to download PDB files associated with a Portable Executable (PE)☆121Updated 4 months ago
- Analysis of the vulnerability☆51Updated last year
- Compile shellcode into an exe file from Windows or Linux.☆67Updated 2 weeks ago
- A payload delivery system which embeds payloads in an executable's icon file!☆74Updated last year
- ELF binary forensics tool for APT, virus, backdoor and rootkit detection☆48Updated 7 months ago
- LPE exploit in the Linux module n_gsm.c. This module is used to implement the GSM 07.10 multiplexing protocol. This type of error was “Ra…☆41Updated last year
- Binary Ninja plugin to deobfuscate strings obfuscated with the Garble project☆24Updated 3 months ago
- A few examples of how to trap virtual memory access on Windows.☆31Updated 6 months ago
- Report and exploit of CVE-2023-36427☆90Updated last year
- Code injection from Linux kernel to a process☆21Updated 2 years ago
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code.☆113Updated 2 months ago
- dlopen() filelessly a shared object or even a program (and run it).☆54Updated last year
- Linux process injection PoCs☆31Updated last year
- Abusing exceptions for code execution.☆111Updated 2 years ago
- yet another hidden LKM hunter☆24Updated last year
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆116Updated last year
- Attacking the cleanup_module function of a kernel module☆36Updated 2 months ago
- vulnerability in zam64.sys, zam32.sys allowing ring 0 code execution. CVE-2021-31727 and CVE-2021-31728 public reference.☆91Updated 4 years ago
- An IDA Pro plugin that displays cross-references to functions or variables across the entire binary in Hex-Rays pseudocode☆104Updated 2 weeks ago
- Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)☆72Updated last year
- call gates as stable communication channel for NT x86 and Linux x86_64☆32Updated last year
- using the gpu to hide your payload☆59Updated 2 years ago
- Proof-of-Concept for CVE-2024-21345☆74Updated last year
- Proof-of-Concept for CVE-2024-26218☆51Updated last year
- Linux Kernel module-less implant (backdoor)☆73Updated 4 years ago
- WinREPL is a "read-eval-print loop" shell on Windows that is useful for testing/learning x86 and x64 assembly.☆17Updated 2 years ago
- ☆145Updated last month