Xobtah / hermes
Self-updatable RAT + C2 server + client.
☆10 Updated 10 months ago
Alternatives and similar repositories for hermes:
Users that are interested in hermes are comparing it to the libraries listed below
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆32 Updated last month
- A WIP shellcode loader tool which bypasses AV/EDR, coded in C++, and equipped with a minimal console builder. ☆48 Updated last week
- Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust ☆40 Updated 10 months ago
- A runas implementation with extra features in Rust ☆38 Updated 2 weeks ago
- Command & Control server and agent written in Rust ☆36 Updated 2 years ago
- A COFF Loader written in Rust ☆97 Updated 2 weeks ago
- Call Stack Spoofing for Rust with support #[no_std] ☆83 Updated this week
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆44 Updated last year
- A simple Sleepmask BOF example ☆98 Updated 7 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆18 Updated this week
- The best PowerShell obfuscator ever made ☆103 Updated last week
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH. ☆142 Updated 5 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui… ☆205 Updated 2 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface ☆65 Updated 2 weeks ago
- Encode shellcode into dictionary words for evasion and entropy reduction ☆25 Updated 5 months ago
- A Rust crate to parse user-mode minidump files generated on Windows ☆14 Updated last month
- Explorer Persistence technique: Hijacking cscapi.dll order loading path and writing our malicious dll into C:\Windows\cscapi.dll, when … ☆83 Updated 2 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM". ☆78 Updated 2 years ago
- Sleep obfuscation ☆218 Updated 4 months ago
- Host CLR and run .NET binaries using Rust ☆100 Updated 2 weeks ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby ☆9 Updated this week
- User Mode Windows Rootkit ☆59 Updated last year
- a demo module for the kaine agent to execute and inject assembly modules ☆37 Updated 7 months ago
- BOF with Synthetic Stackframe ☆143 Updated 2 months ago
- Threadless shellcode injection tool ☆63 Updated 8 months ago
- This is a way to load shellcode and obfuscate it, so it avoids scantime detection. ☆60 Updated this week
- ☆12 Updated 2 months ago
- Collection of malware techniques for red teams. ☆48 Updated this week
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1. ☆76 Updated 2 months ago
- Execute shellcode via Bluetooth device authentication ☆38 Updated 2 months ago