b1-team / dll-hijackView external linksLinks
Dll hijack -- just one macro
☆12Jul 3, 2023Updated 2 years ago
Alternatives and similar repositories for dll-hijack
Users that are interested in dll-hijack are comparing it to the libraries listed below
Sorting:
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆16Aug 14, 2023Updated 2 years ago
- Enable EFS service as low priv user (PE & BOF)☆21Jul 6, 2025Updated 7 months ago
- Custom Python shellcode encryptor and obfuscator☆14Jul 31, 2025Updated 6 months ago
- BOF to terminate a process via PID as argument☆28Sep 7, 2025Updated 5 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 7 months ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆21Dec 15, 2024Updated last year
- Multiplatform multithread efficient stream rust ransomware☆16May 18, 2022Updated 3 years ago
- Source files for my posts☆17Jun 20, 2023Updated 2 years ago
- Use TpAllocWork, TpPostWork and TpReleaseWork to execute machine code☆24Mar 13, 2023Updated 2 years ago
- 针对windows rootkit的一些检测,分别从进程、端口、文件这三个方面进行检测。☆21Jan 16, 2025Updated last year
- CVE-2024-35250 的 Beacon Object File (BOF) 实现。☆24Nov 28, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- ☆33Jan 23, 2025Updated last year
- Authenticated 0-click RCE against Linux 6.1.45 for CVE-2023-52440 and CVE-2023-4130☆52Sep 13, 2025Updated 5 months ago
- ☆21Feb 22, 2025Updated 11 months ago
- A Crystal Palace shared library to resolve & perform syscalls☆56Oct 29, 2025Updated 3 months ago
- Identify Azure AD resources that issue tokens without MFA enforcement using the ROPC grant flow.☆83Feb 2, 2026Updated last week
- lnk_parser is a full rust implementation to parse windows LNK files☆22Jul 12, 2025Updated 7 months ago
- 一个普通的BOF用来BypassUAC☆22Apr 6, 2024Updated last year
- Experience the power of a PHP webshell designed to overcome the limitations of blacklisted system/exec functions.☆24Jul 14, 2024Updated last year
- Process Injection via Component Object Model (COM) IRundown::DoCallback().☆64Jan 17, 2023Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆66May 2, 2023Updated 2 years ago
- Duplicate not owned Token from Running Process☆74Jul 21, 2023Updated 2 years ago
- 64-bit, position-independent implant template for Windows in Rust.☆172Nov 28, 2025Updated 2 months ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation☆31Sep 24, 2022Updated 3 years ago
- Core bypass Windows Defender and execute any binary converted to shellcode☆44Oct 12, 2021Updated 4 years ago
- ☆51Jun 28, 2025Updated 7 months ago
- Vue's plugin to easily integrate pagination.☆10Oct 30, 2018Updated 7 years ago
- A portable C# utility for enumerating local and remote windows sessions☆54Jan 1, 2026Updated last month
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆78Aug 25, 2025Updated 5 months ago
- Microsoft Network Service Fingerprinting Tool☆67Jan 2, 2026Updated last month
- Linux Process Injection via Seccomp Notifier☆81Dec 9, 2025Updated 2 months ago
- Select any exported function in a dll as the new dll's entry point.☆82Oct 25, 2024Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆35Mar 28, 2023Updated 2 years ago
- Advanced malware sandbox evasion using C☆17Jan 23, 2026Updated 3 weeks ago
- BypassCredGuard CS BOF☆49Jan 23, 2025Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆46Jul 16, 2023Updated 2 years ago