byt3bl33d3r / NimDllSideload
DLL sideloading/proxying with Nim!
☆167Updated 2 years ago
Alternatives and similar repositories for NimDllSideload:
Users that are interested in NimDllSideload are comparing it to the libraries listed below
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆146Updated 2 years ago
- A tool for converting SysWhispers2 syscalls for use with Nim projects☆119Updated 3 years ago
- COFF and BOF Loader written in Nim☆172Updated 2 years ago
- ErebusGate for Nim Bypass AV/EDR☆161Updated 2 years ago
- Your syscall factory☆121Updated 3 weeks ago
- Nim Payload Generation☆59Updated last year
- Patch AMSI and ETW☆236Updated 10 months ago
- Infect Shared Files In Memory for Lateral Movement☆194Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆145Updated last year
- D/Invoke implementation in Nim☆100Updated 2 years ago
- POC for frustrating/defeating Malware Analysts☆154Updated 2 years ago
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆226Updated last year
- reflectively load and execute PEs locally and remotely bypassing EDR hooks☆151Updated last year
- ☆181Updated last year
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆253Updated last year
- Find .net assemblies locally☆108Updated 2 years ago
- Simple BOF to read the protection level of a process☆115Updated last year
- ☆243Updated 2 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆181Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆152Updated last year
- Nim Library for Offensive Security Development☆197Updated last year
- Payload for DLL sideloading of the OneDriveUpdater.exe, based on the PaloAltoNetwork Unit42's blog post☆91Updated 2 years ago
- Do some DLL SideLoading magic☆80Updated last year
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆217Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆141Updated 10 months ago
- ☆154Updated 2 years ago
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆149Updated last year
- ☆119Updated last year
- An App Domain Manager Injection DLL PoC on steroids☆167Updated last year
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆229Updated 2 years ago