WKL-Sec / FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
☆69Updated 8 months ago
Related projects ⓘ
Alternatives and complementary repositories for FuncAddressPro
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆37Updated 3 months ago
- Splitting and executing shellcode across multiple pages☆99Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆40Updated 8 months ago
- A bunch of scripts and code i wrote.☆130Updated this week
- Template-based generation of shellcode loaders☆65Updated 6 months ago
- Malware?☆69Updated last month
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆173Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆81Updated 4 months ago
- ☆118Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆205Updated last month
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆117Updated 3 months ago
- Classic Process Injection with Memory Evasion Techniques implemantation☆62Updated last year
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls☆102Updated last month
- ☆108Updated last year
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆137Updated 7 months ago
- Recursive Loader☆102Updated last month
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆54Updated 2 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated 8 months ago
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆159Updated last year
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries.☆108Updated 8 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader☆84Updated 7 months ago
- a stage1 DLL loader with sleep obfuscation☆32Updated last year
- ☆116Updated 2 months ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆79Updated last year
- ☆81Updated 2 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆122Updated 5 months ago
- ☆103Updated 6 months ago
- Collection of one-liners to bypass User Account Control (UAC) in Windows. These techniques exploit certain behavior in Windows applicatio…☆84Updated last year