csandker/inMemoryShellcode external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

csandker/inMemoryShellcode

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/csandker/inMemoryShellcode)

Close

csandker / inMemoryShellcodeView on GitHubMore

• External links
• Readme badge

A Collection of In-Memory Shellcode Execution Techniques for Windows

☆151Jul 26, 2019Updated 6 years ago

Alternatives and similar repositories for inMemoryShellcode

Users that are interested in inMemoryShellcode are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Mr-Un1k0d3r / Shellcoding

  View on GitHub
  Shellcoding utilities
  ☆225Dec 16, 2020Updated 5 years ago
• aaaddress1 / sakeInject

  View on GitHub
  Windows PE - TLS (Thread Local Storage) Injector in C/C++
  ☆109Jan 3, 2021Updated 5 years ago
• ch3rn0byl / HookedRDP

  View on GitHub
  ☆51Dec 11, 2019Updated 6 years ago
• RedXRanger / StageStrike

  View on GitHub
  Custom Cobalt Strike stagers using different methods of thread execution and memory allocation
  ☆110May 24, 2020Updated 5 years ago
• outflanknl / WdToggle

  View on GitHub
  A Beacon Object File (BOF) for Cobalt Strike which uses direct system calls to enable WDigest credential caching.
  ☆219May 3, 2023Updated 3 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• NtRaiseHardError / NINA

  View on GitHub
  NINA: No Injection, No Allocation x64 Process Injection Technique
  ☆226Jun 9, 2020Updated 5 years ago
• alfarom256 / BOF-ForeignLsass

  View on GitHub
  ☆101Aug 23, 2021Updated 4 years ago
• rsmudge / unhook-bof

  View on GitHub
  Remove API hooks from a Beacon process.
  ☆284Sep 18, 2021Updated 4 years ago
• rxwx / cs-rdll-ipc-example

  View on GitHub
  Example code for using named pipe output with beacon ReflectiveDLLs
  ☆121Jun 24, 2020Updated 5 years ago
• ionescu007 / faxhell

  View on GitHub
  A Bind Shell Using the Fax Service and a DLL Hijack
  ☆333May 3, 2020Updated 6 years ago
• outflanknl / TamperETW

  View on GitHub
  PoC to demonstrate how CLR ETW events can be tampered.
  ☆192Mar 26, 2020Updated 6 years ago
• ChaitanyaHaritash / Callback_Shellcode_Injection

  View on GitHub
  POCs for Shellcode Injection via Callbacks
  ☆415Feb 23, 2021Updated 5 years ago
• idiotc4t / Schrodinger-s-Cat

  View on GitHub
  Shellcode antivirus evasion framework
  ☆27Jan 16, 2021Updated 5 years ago
• Yaxser / CobaltStrike-BOF

  View on GitHub
  Collection of beacon BOF written to learn windows and cobaltstrike
  ☆363Feb 24, 2023Updated 3 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• decoder-it / juicy_2

  View on GitHub
  juicypotato for win10 > 1803 & win server 2019
  ☆97Feb 23, 2021Updated 5 years ago
• paranoidninja / Process-Instrumentation-Syscall-Hook

  View on GitHub
  A simple program to hook the current process to identify the manual syscall executions on windows
  ☆268Nov 18, 2022Updated 3 years ago
• EspressoCake / BeaconDownloadSync

  View on GitHub
  ☆94May 14, 2022Updated 4 years ago
• outflanknl / FindObjects-BOF

  View on GitHub
  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or pro…
  ☆275May 3, 2023Updated 3 years ago
• FalconForceTeam / SysWhispers2BOF

  View on GitHub
  Script to use SysWhispers2 direct system calls from Cobalt Strike BOFs
  ☆125May 24, 2022Updated 3 years ago
• itm4n / Perfusion

  View on GitHub
  Exploit for the RpcEptMapper registry key permissions vulnerability (Windows 7 / 2088R2 / 8 / 2012)
  ☆426Apr 22, 2021Updated 5 years ago
• aaaddress1 / wowInjector

  View on GitHub
  PoC: Exploit 32-bit Thread Snapshot of WOW64 to Take Over $RIP & Inject & Bypass Antivirus HIPS (HITB 2021)
  ☆166May 27, 2021Updated 4 years ago
• d35ha / CallObfuscator

  View on GitHub
  Obfuscate specific windows apis with different apis
  ☆1,020Feb 21, 2021Updated 5 years ago
• mobdk / CloneProcess

  View on GitHub
  Clone running process with ZwCreateProcess
  ☆59Nov 8, 2020Updated 5 years ago
• Managed hosting for WordPress and PHP on Cloudways • Ad
  Managed hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
• Moriarty2016 / NimRDI

  View on GitHub
  RDI implementation in Nim
  ☆64Dec 12, 2020Updated 5 years ago
• boku7 / spawn

  View on GitHub
  Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks b…
  ☆469Mar 8, 2023Updated 3 years ago
• xuanxuan0 / DripLoader

  View on GitHub
  Evasive shellcode loader for bypassing event-based injection detection (PoC)
  ☆829Aug 23, 2021Updated 4 years ago
• vysecurity / VBA-RunPE

  View on GitHub
  A VBA implementation of the RunPE technique or how to bypass application whitelisting.
  ☆14Dec 30, 2018Updated 7 years ago
• mai1zhi2 / SysWhispers2_x86

  View on GitHub
  X86 version of syswhispers2 / x86 direct system call
  ☆331Jan 28, 2021Updated 5 years ago
• b4rtik / ATPMiniDump

  View on GitHub
  Evading WinDefender ATP credential-theft
  ☆255Dec 2, 2019Updated 6 years ago
• jreegun / Researches

  View on GitHub
  Contains poc's and my research works
  ☆31Feb 13, 2023Updated 3 years ago
• jsecu / CredManBOF

  View on GitHub
  ☆100Sep 20, 2021Updated 4 years ago
• 0xpat / COFFInjector

  View on GitHub
  PoC MSVC COFF Object file loader/injector.
  ☆187Mar 19, 2021Updated 5 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• guervild / BOFs

  View on GitHub
  Cobalt Strike Beacon Object Files
  ☆168May 2, 2022Updated 4 years ago
• rmdavy / HeapsOfFun

  View on GitHub
  AMSI Bypass Via the Heap
  ☆107Nov 20, 2020Updated 5 years ago
• antonioCoco / Mapping-Injection

  View on GitHub
  Just another Windows Process Injection
  ☆409Aug 7, 2020Updated 5 years ago
• leoloobeek / COMRunner

  View on GitHub
  A simple COM server which provides a component to run shellcode
  ☆143May 12, 2020Updated 6 years ago
• NotMedic / SocksLauncher

  View on GitHub
  ☆14Oct 25, 2019Updated 6 years ago
• rasta-mouse / Fork-n-Run

  View on GitHub
  ☆73Oct 24, 2021Updated 4 years ago
• djhohnstein / CSharpSetThreadContext

  View on GitHub
  C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread
  ☆120Apr 9, 2019Updated 7 years ago