byt3bl33d3r / NimDllSideloadView external linksLinks
DLL sideloading/proxying with Nim!
☆175Dec 4, 2022Updated 3 years ago
Alternatives and similar repositories for NimDllSideload
Users that are interested in NimDllSideload are comparing it to the libraries listed below
Sorting:
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆187Feb 12, 2023Updated 3 years ago
- COFF and BOF Loader written in Nim☆176Aug 1, 2022Updated 3 years ago
- D/Invoke implementation in Nim☆103Jun 8, 2022Updated 3 years ago
- Nim Library for Offensive Security Development☆198Sep 4, 2023Updated 2 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆146May 18, 2024Updated last year
- A Nim implementation of reflective PE-Loading from memory☆299Sep 5, 2024Updated last year
- AAD related enumeration in Nim☆132Sep 7, 2023Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Jan 14, 2022Updated 4 years ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- ErebusGate for Nim Bypass AV/EDR☆164Nov 7, 2022Updated 3 years ago
- A Bumblebee-inspired Crypter☆80Dec 5, 2022Updated 3 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆96Aug 1, 2022Updated 3 years ago
- ☆160Mar 27, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Get fresh Syscalls from a fresh ntdll.dll copy☆236Jan 28, 2022Updated 4 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- Nim-based assembly packer and shellcode loader for opsec & profit☆488Feb 24, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆235Oct 18, 2022Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆148Jun 2, 2022Updated 3 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆58Oct 10, 2022Updated 3 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- COFF file (BOF) for managing Kerberos tickets.☆321Jul 2, 2023Updated 2 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆192Nov 15, 2022Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆536Aug 1, 2022Updated 3 years ago
- Running .NET from VBA☆149Feb 11, 2023Updated 3 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆329Jul 15, 2024Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆134Dec 20, 2022Updated 3 years ago
- Start new PowerShell without etw and amsi in pure nim☆157Feb 14, 2022Updated 4 years ago
- Various ways to execute shellcode☆508Mar 13, 2024Updated last year
- ☆319Jun 28, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- Beacon Object File Loader☆294Dec 3, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆268Nov 4, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆482Oct 14, 2022Updated 3 years ago