Whitecat18 / earlycascade-injectionLinks
Early cascade injection PoC based on Outflanks blog post written in Rust
☆56Updated 8 months ago
Alternatives and similar repositories for earlycascade-injection
Users that are interested in earlycascade-injection are comparing it to the libraries listed below
Sorting:
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- ☆58Updated 11 months ago
- Modern PIC implant for Windows (64 & 32 bit)☆104Updated 2 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆61Updated 7 months ago
- POC of GITHUB simple C2 in rust☆52Updated 2 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆70Updated last month
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 8 months ago
- Dynamic shellcode loader with sophisticated evasion capabilities☆80Updated this week
- Section-based payload obfuscation technique for x64☆64Updated last year
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆79Updated 7 months ago
- Sniffing files generator☆59Updated 7 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 11 months ago
- ☆37Updated 6 months ago
- A simple C++ Windows tool to get information about processes exposing named pipes.☆39Updated 6 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆44Updated last year
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆80Updated 5 months ago
- Impersonate Tokens using only NTAPI functions☆80Updated 6 months ago
- Select any exported function in a dll as the new dll's entry point.☆82Updated 11 months ago
- EvtPsst☆55Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆50Updated 4 months ago
- ☆44Updated 3 months ago
- ☆60Updated last year
- BOF for C2 framework☆43Updated 10 months ago
- Some of the presentations, workshops, and labs I gave at public conferences.☆34Updated 3 weeks ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆30Updated 7 months ago
- ☆29Updated last year
- in-process powershell runner for BRC4☆47Updated last year
- ☆53Updated 4 months ago