byt3bl33d3r / NimDllSideload
DLL sideloading/proxying with Nim!
☆163Updated last year
Related projects ⓘ
Alternatives and complementary repositories for NimDllSideload
- Your syscall factory☆121Updated 2 months ago
- A tool for converting SysWhispers2 syscalls for use with Nim projects☆117Updated 2 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆138Updated 2 years ago
- Nim Payload Generation☆59Updated last year
- COFF and BOF Loader written in Nim☆168Updated 2 years ago
- Nim Library for Offensive Security Development☆196Updated last year
- Patch AMSI and ETW☆232Updated 6 months ago
- ☆175Updated 11 months ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆110Updated last year
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆170Updated 8 months ago
- D/Invoke implementation in Nim☆99Updated 2 years ago
- ☆155Updated 3 months ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆250Updated last year
- ErebusGate for Nim Bypass AV/EDR☆159Updated 2 years ago
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆179Updated last year
- (Demo) 3rd party agent for Havoc☆128Updated last year
- Lateral Movement Using DCOM and DLL Hijacking☆281Updated last year
- Start new PowerShell without etw and amsi in pure nim☆157Updated 2 years ago
- ☆146Updated last year
- CobaltStrike BOF to spawn Beacons using DLL Application Directory Hijacking☆216Updated last year
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆135Updated 6 months ago
- Indirect syscalls + DInvoke made simple.☆85Updated 3 weeks ago
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak☆174Updated last year
- ☆116Updated 2 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆88Updated last year
- You shall pass☆249Updated 2 years ago
- Infect Shared Files In Memory for Lateral Movement☆192Updated last year
- Extracting NetNTLM without touching lsass.exe☆224Updated 11 months ago
- Porting of BOF InlineExecute-Assembly to load .NET assembly in process but with patchless AMSI and ETW bypass using hardware breakpoint.☆155Updated last year