WKL-Sec / FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
β70Updated 10 months ago
Alternatives and similar repositories for FuncAddressPro:
Users that are interested in FuncAddressPro are comparing it to the libraries listed below
- π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Pythonβ42Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β84Updated 7 months ago
- β120Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, anβ¦β176Updated last year
- Template-based generation of shellcode loadersβ72Updated 8 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Executionβ40Updated 6 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already sβ¦β55Updated last year
- Splitting and executing shellcode across multiple pagesβ99Updated last year
- A bunch of scripts and code i wrote.β135Updated 2 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interfaceβ65Updated last month
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β73Updated 5 months ago
- Malware?β69Updated 3 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)β140Updated 10 months ago
- Windows rootkit designed to work with BYOVD exploitsβ110Updated this week
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).β135Updated last year
- A cmkr based win32 shellcode template for a unified build platform and more production friendly structure/testing.β65Updated last month
- Recursive Loaderβ102Updated 3 months ago
- Classic Process Injection with Memory Evasion Techniques implemantationβ66Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similarβ122Updated 5 months ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".β75Updated last year
- β111Updated last year
- β109Updated 2 years ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.β130Updated 7 months ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent codeβ40Updated 4 months ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge β¦β172Updated last year
- BOF with Synthetic Stackframeβ58Updated this week
- Find DLLs with RWX sectionβ76Updated last year
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Callsβ105Updated 4 months ago
- Section-based payload obfuscation technique for x64β59Updated 5 months ago
- abusing Process Hacker driver to terminate other processes (BYOVD)β81Updated last year