anvilsecure / ulexecveLinks
ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries ever having to touch storage. This is useful for red-teaming and anti-forensics purposes.
☆193Updated last year
Alternatives and similar repositories for ulexecve
Users that are interested in ulexecve are comparing it to the libraries listed below
Sorting:
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86…☆138Updated 2 years ago
- A stealthy ELF loader - no files, no execve, no RWX☆169Updated last year
- Linux Kernel module-less implant (backdoor)☆74Updated 4 years ago
- Circumventing "noexec" mount flag to execute arbitrary linux binaries by ptrace-less process injection☆122Updated 3 months ago
- Ghidra scripts for recovering string definitions in Go binaries☆118Updated 10 months ago
- stealth userland kit that doesn't use sys_clone/sys_execve call☆34Updated 5 months ago
- rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump☆119Updated last year
- Elf binary infector written in Go.☆211Updated 8 months ago
- eBPF hacks☆187Updated 9 months ago
- Userland exec PoC to be used as attack vector technique☆85Updated 7 months ago
- bdvl☆114Updated 3 years ago
- A personal collection of Windows CVE I have turned in to exploit source, as well as a collection of payloads I've written to be used in c…☆121Updated 3 years ago
- ROP ROCKET is an advanced code-reuse attack framework, with extensive ROP chain generation capabilities, including for novel Windows Sysc…☆154Updated last month
- LD_PRELOAD rootkit☆136Updated last year
- Linux process injection PoCs☆30Updated last year
- ☆205Updated 10 months ago
- NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection☆30Updated 2 years ago
- Mara is a userland pty/tty sniffer☆53Updated last year
- A command line Windows API tracing tool for Golang binaries.☆158Updated last year
- ☆73Updated 9 months ago
- Paracosme is a zero-click remote memory corruption exploit that compromises ICONICS Genesis64 which was demonstrated successfully on stag…☆89Updated last year
- Leveraging CVEs as North Stars in vulnerability discovery and comprehension.☆69Updated last year
- Get root via TTY / TIOCSTI stuffing☆76Updated 4 months ago
- ☆49Updated 2 years ago
- Proof of concept for injecting simple shellcode via ptrace into a running process.☆73Updated 2 years ago
- GERMY is a Linux Kernel n-day in the N_GSM line discipline☆49Updated last year
- This repo contains write ups of vulnerabilities I've found and exploits I've publicly developed.☆147Updated 2 years ago
- ☆215Updated last year
- Google Chrome Use After Free☆59Updated 3 years ago
- ☆286Updated 3 years ago