daVinci13 / Exe2shell
Converts exe to shellcode.
☆103Updated last year
Alternatives and similar repositories for Exe2shell:
Users that are interested in Exe2shell are comparing it to the libraries listed below
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆172Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆186Updated last year
- A Beacon Object File (BOF) template for Visual Studio☆183Updated 2 weeks ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆308Updated last year
- BOF combination of KillDefender and Backstab☆166Updated 2 years ago
- A little tool to play with the Seclogon service☆308Updated 2 years ago
- Load static-compiled PE from remote server.☆60Updated 3 years ago
- Some POCs for my BYOVD research and find some vulnerable drivers☆184Updated 6 months ago
- A BOF to automate common persistence tasks for red teamers☆271Updated 2 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆270Updated 2 years ago
- A Visual Studio template used to create Cobalt Strike BOFs☆298Updated 3 years ago
- Process Ghosting Tool☆170Updated 3 years ago
- CaveCarver - PE backdooring tool which utilizes and automates code cave technique☆221Updated last year
- WIP shellcode loader in nim with EDR evasion techniques☆210Updated 3 years ago
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆180Updated last year
- Generic PE loader for fast prototyping evasion techniques☆229Updated 8 months ago
- Another meterpreter injection technique using C# that attempts to bypass Defender☆257Updated 3 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆169Updated last year
- A Nim implementation of reflective PE-Loading from memory☆275Updated 6 months ago
- Shellcode obfuscation tool to avoid AV/EDR.☆126Updated last year
- You shall pass☆256Updated 2 years ago
- CobaltWhispers is an aggressor script that utilizes a collection of Beacon Object Files (BOF) for Cobalt Strike to perform process inject…☆229Updated 2 years ago
- Patching AmsiOpenSession by forcing an error branching☆145Updated last year
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆138Updated 2 years ago
- bring your own vulnerable driver☆92Updated last year
- Building and Executing Position Independent Shellcode from Object Files in Memory☆157Updated 4 years ago
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆373Updated last year
- Execute shellcode files with rundll32☆195Updated last year
- A Beacon Object File (BOF) is a compiled C program, written to a convention that allows it to execute within a Beacon process and use int…☆166Updated 2 weeks ago
- A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For educat…☆90Updated last year