ViperXSecurity / lib-nosaLinks
lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.
☆117Updated last year
Alternatives and similar repositories for lib-nosa
Users that are interested in lib-nosa are comparing it to the libraries listed below
Sorting:
- "Service-less" driver loading☆162Updated 10 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆122Updated 10 months ago
- Activation Context Hijack☆170Updated 2 months ago
- shell code example☆63Updated 3 weeks ago
- ☆60Updated 6 months ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- Bypass user-land hooks by syscall tampering via the Trap Flag☆127Updated 2 months ago
- A 64 bit executable junk code engine for polymorphic malware.☆70Updated 4 months ago
- A collection of position independent coding resources☆94Updated last month
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆106Updated 9 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆43Updated 2 weeks ago
- ☆134Updated 9 months ago
- ☆108Updated 11 months ago
- Payload encoding utility to effectively lower payload entropy.☆119Updated 6 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆272Updated last year
- Windows rootkit designed to work with BYOVD exploits☆211Updated 9 months ago
- A Mythic Agent written in PIC C.☆201Updated 8 months ago
- Malware?☆74Updated last year
- ☆42Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆103Updated 2 years ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆104Updated last year
- ☆158Updated 10 months ago
- A collection of PoCs to do common things in unconventional ways☆118Updated last month
- Mentally ill EtwTi parser☆66Updated 2 weeks ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆121Updated last year
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Updated 6 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆102Updated 8 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆208Updated 4 months ago
- ☆61Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated 9 months ago