adgaultier / tamanoirView external linksLinks
An eBPF🐝 Keylogger with C2-based RCE payload delivery
☆308May 12, 2025Updated 9 months ago
Alternatives and similar repositories for tamanoir
Users that are interested in tamanoir are comparing it to the libraries listed below
Sorting:
- A Linux kernel rootkit in Rust using a custom made type-2 hypervisor, eBPF XDP and TC programs☆337Jun 23, 2025Updated 7 months ago
- Make your programs stealthier🐝☆201Jun 12, 2025Updated 8 months ago
- 🕵️♂️ TUI for sniffing network traffic using eBPF on Linux☆2,378Feb 4, 2026Updated last week
- Unix Process hollowing in rust☆22Dec 16, 2024Updated last year
- Generate Proxy DLLs in Rust☆47Sep 2, 2025Updated 5 months ago
- A COFF Loader written in Rust☆135Dec 1, 2025Updated 2 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- Call Stack Spoofing for Rust☆210Jan 28, 2026Updated 2 weeks ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆161Oct 31, 2024Updated last year
- Rust template/library for implementing your own COFF loader☆71Jan 27, 2025Updated last year
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated 11 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆59Mar 17, 2025Updated 10 months ago
- UAC Bypass using CMSTP in Rust☆34Dec 6, 2024Updated last year
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆355Apr 26, 2025Updated 9 months ago
- This tool have the power to hide any PID/directory in the Linux kernel☆30Sep 13, 2024Updated last year
- 🌄 x86_64 OS (kernel) made from scratch in Rust & Assembly☆74Nov 5, 2025Updated 3 months ago
- Windows rootkit designed to work with BYOVD exploits☆214Jan 18, 2025Updated last year
- create sandbox to run untrusted code☆14Feb 5, 2026Updated last week
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 7 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- A reflective DLL development template for the Rust programming language☆113Nov 4, 2025Updated 3 months ago
- Rust crate to parse user-mode minidump files generated on Windows☆18Nov 17, 2025Updated 2 months ago
- Evasion by machine code de-optimization.☆416Jul 22, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated 11 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆66Feb 11, 2025Updated last year
- Cargo subcommand to build a crate into shellcode☆26Aug 15, 2024Updated last year
- This is the latest version of XenoRAT, updated with configurations and capable of bypassing all system securities. It will be maintained …☆22Apr 16, 2025Updated 10 months ago
- Nameless C2 - A C2 with all its components written in Rust☆282Sep 26, 2024Updated last year
- Simple Project that Extracts PE Information.☆21Apr 4, 2025Updated 10 months ago
- Use the Netlogon Remote Protocol (MS-NRPC) to dump the target hash.☆62Feb 25, 2025Updated 11 months ago
- Using Chromium-based browsers as a proxy for C2 traffic.☆141Dec 6, 2025Updated 2 months ago
- Linker for Beacon Object Files☆149Feb 8, 2026Updated last week
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆86Mar 6, 2025Updated 11 months ago
- Rust implementation of phantom persistence technique documented in https://blog.phantomsec.tools/phantom-persistence☆63Jun 23, 2025Updated 7 months ago
- A hacky way of getting cross-arch/platform support in Cobalt Strike☆37Aug 31, 2025Updated 5 months ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆381Dec 13, 2024Updated last year