WKL-Sec / FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
☆72Updated last year
Alternatives and similar repositories for FuncAddressPro:
Users that are interested in FuncAddressPro are comparing it to the libraries listed below
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆90Updated 10 months ago
- Splitting and executing shellcode across multiple pages☆100Updated last year
- Malware?☆69Updated 6 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆74Updated last month
- Construct the payload at runtime using an array of offsets☆63Updated 9 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆141Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆44Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆177Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 9 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- ☆98Updated last year
- Find DLLs with RWX section☆79Updated last year
- ☆121Updated last year
- ForsHops☆41Updated 3 weeks ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆130Updated 8 months ago
- Shellcode loader☆79Updated 4 months ago
- Template-based generation of shellcode loaders☆77Updated 11 months ago
- Section-based payload obfuscation technique for x64☆59Updated 8 months ago
- "Service-less" driver loading☆152Updated 4 months ago
- TypeLib persistence technique☆112Updated 5 months ago
- Bypass LSA protection using the BYODLL technique☆157Updated 6 months ago
- Tool for playing with Windows Access Token manipulation.☆54Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆111Updated 2 months ago
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆63Updated 3 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface☆65Updated last week
- ☆54Updated 2 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆60Updated last year
- A runas implementation with extra features in Rust☆38Updated last week
- Shellcode Loader Utilizing ETW Events☆62Updated last month