DLL sideloading/proxying with Nim!
☆173Dec 4, 2022Updated 3 years ago
Alternatives and similar repositories for NimDllSideload
Users that are interested in NimDllSideload are comparing it to the libraries listed below
Sorting:
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆186Feb 12, 2023Updated 3 years ago
- COFF and BOF Loader written in Nim☆174Aug 1, 2022Updated 3 years ago
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- Nim Library for Offensive Security Development☆197Sep 4, 2023Updated 2 years ago
- A BOF to determine Windows Defender exclusions.☆253Jun 25, 2023Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- A Nim implementation of reflective PE-Loading from memory☆300Sep 5, 2024Updated last year
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆123Jan 14, 2022Updated 4 years ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- ErebusGate for Nim Bypass AV/EDR☆162Nov 7, 2022Updated 3 years ago
- A Bumblebee-inspired Crypter☆79Dec 5, 2022Updated 3 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆94Aug 1, 2022Updated 3 years ago
- ☆161Mar 27, 2023Updated 2 years ago
- A PoC that combines AutodialDLL lateral movement technique and SSP to scrape NTLM hashes from LSASS process.☆301Oct 26, 2022Updated 3 years ago
- Get fresh Syscalls from a fresh ntdll.dll copy☆234Jan 28, 2022Updated 4 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- Nim-based assembly packer and shellcode loader for opsec & profit☆488Feb 24, 2023Updated 3 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level☆234Oct 18, 2022Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Jun 2, 2022Updated 3 years ago
- Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).☆57Oct 10, 2022Updated 3 years ago
- .net config loader☆348Nov 9, 2023Updated 2 years ago
- COFF file (BOF) for managing Kerberos tickets.☆320Jul 2, 2023Updated 2 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆193Nov 15, 2022Updated 3 years ago
- Running .NET from VBA☆148Feb 11, 2023Updated 3 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- Generate an obfuscated DLL that will disable AMSI & ETW☆330Jul 15, 2024Updated last year
- Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms☆136Dec 20, 2022Updated 3 years ago
- Start new PowerShell without etw and amsi in pure nim☆157Feb 14, 2022Updated 4 years ago
- Various ways to execute shellcode☆508Mar 13, 2024Updated last year
- ☆319Jun 28, 2023Updated 2 years ago
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆90Dec 15, 2022Updated 3 years ago
- Beacon Object File Loader☆293Dec 3, 2023Updated 2 years ago
- More examples using the Impacket library designed for learning purposes.☆264Nov 4, 2022Updated 3 years ago
- A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other ob…☆483Oct 14, 2022Updated 3 years ago