arsium / BypassGetModuleBaseAddressAndGetExportAddress
A proof of concept of real custom GetProcAddress and GetModuleBaseAddress
☆19Updated 2 years ago
Related projects: ⓘ
- ☆11Updated this week
- Convert native dll to shellcode, and support exported function☆22Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆17Updated 3 years ago
- Collection of shellcode injection and execution techniques☆17Updated 3 years ago
- ☆26Updated 2 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Updated 2 years ago
- ComObject Shellcode Loader with fake return address☆12Updated 2 years ago
- ☆48Updated last year
- C code to enable ETW tracing for Dotnet Assemblies☆28Updated 2 years ago
- ☆11Updated this week
- A PoC to demo modifying cmdline of the child process dynamically. It might be useful against process log tracing, AV or EDR.☆38Updated 3 years ago
- ☆23Updated this week
- Utilizing Alternative Shellcode Execution Via Callbacks☆12Updated 9 months ago
- A more advanced free and open .NET obfuscator using dnlib.☆10Updated last year
- Create a C++ PE which loads an XTEA-crypted .NET PE shellcode in memory.☆15Updated 5 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆29Updated 4 years ago
- One gate to all syscalls!☆23Updated 2 years ago
- RunPE using Hell's Gate technique.☆30Updated 3 years ago
- golang String Obfuscate☆9Updated 2 years ago
- Example of async client/server sockets in .NET 5☆16Updated 3 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆53Updated 2 years ago
- Using Thread Description To Hide Shellcodes☆13Updated 2 years ago
- Just another casual shellcode native loader☆24Updated 2 years ago
- Bypass UAC by abusing the Windows Defender Firewall Control Panel, environment variables, and shell protocol handlers☆16Updated 3 years ago
- Protected Process (Light) Dump: Uses Zemana AntiMalware Engine To Open a Privileged Handle to a PP/PPL Process And Inject MiniDumpWriteDu…☆23Updated 4 years ago
- A PoC tool for exploiting leaked process and thread handles☆30Updated 7 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- Simple and sane compression wrapper library.☆17Updated last year
- Hide code from dnSpy and other C# spying tools☆40Updated 3 years ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆17Updated 2 years ago