WafflesExploits / hide-payload-in-images
A project that demonstrates embedding shellcode payloads into image files (like PNGs) using Python and extracting them using C/C++. Payloads can be retrieved directly from the file on disk or from the image stored in a binary's resources section (.rsrc).
☆52, updated this week
Alternatives and similar repositories for hide-payload-in-images:
Users that are interested in hide-payload-in-images are comparing it to the libraries listed below
- CVE-2024-30090 - LPE PoC (☆103, updated 3 months ago)
- Create Anti-Copy DRM Malware (☆50, updated 4 months ago)
- Construct the payload at runtime using an array of offsets (☆61, updated 7 months ago)
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar (☆122, updated 5 months ago)
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769) (☆60, updated 3 months ago)
- Leverage WindowsApp createdump tool to obtain an lsass dump (☆145, updated 3 months ago)
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity) (☆46, updated 8 months ago)
- A PoC demonstrating code execution via DLL Side-Loading in WinSxS binaries. (☆109, updated 10 months ago)
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg (☆45, updated 10 months ago)
- PoC for using MS Windows printers for persistence / command and control via Internet Printing (☆143, updated 8 months ago)
- This repository contains a proof-of-concept exploit written in C++ that demonstrates the exploitation of a vulnerability affecting the Wi… (☆77, updated 10 months ago)
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination… (☆141, updated 5 months ago)
- Work, timer, and wait callback example using solely Native Windows APIs. (☆84, updated 11 months ago)
- Analyse MSI files for vulnerabilities (☆121, updated 4 months ago)
- Stage 0 (☆140, updated last month)
- Rex Shellcode Loader for AV/EDR evasion (☆28, updated 9 months ago)
- Implementing the ghostly hollowing PE injection technique using tampered syscalls. (☆130, updated 7 months ago)
- My shellcodes (or shellcodish-things) written for educational purpose in NASM assembly. (☆32, updated 5 months ago)
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker. (☆112, updated 3 months ago)
- Indirect Syscall implementation to bypass userland NTAPIs hooking. (☆73, updated 5 months ago)
- shared samples from #dailyphish and/or #apt tweets (☆37, updated last week)
- Proof of Concept Exploit for CVE-2024-9464 (☆44, updated 3 months ago)