Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).
☆186Feb 12, 2023Updated 3 years ago
Alternatives and similar repositories for BouncyGate
Users that are interested in BouncyGate are comparing it to the libraries listed below
Sorting:
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- DLL sideloading/proxying with Nim!☆173Dec 4, 2022Updated 3 years ago
- ErebusGate for Nim Bypass AV/EDR☆162Nov 7, 2022Updated 3 years ago
- Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll☆499Feb 3, 2022Updated 4 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆115Oct 21, 2023Updated 2 years ago
- Nim Library for Offensive Security Development☆197Sep 4, 2023Updated 2 years ago
- A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementin…☆535Aug 1, 2022Updated 3 years ago
- ☆319Jun 28, 2023Updated 2 years ago
- Get fresh Syscalls from a fresh ntdll.dll copy☆235Jan 28, 2022Updated 4 years ago
- AAD related enumeration in Nim☆131Sep 7, 2023Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆123Jan 14, 2022Updated 4 years ago
- A tool for converting SysWhispers3 syscalls for use with Nim projects☆147Jun 2, 2022Updated 3 years ago
- A new AMSI Bypass technique using .NET ALI Call Hooking.☆193Nov 15, 2022Updated 3 years ago
- Threadless Process Injection using remote function hooking.☆810Sep 4, 2024Updated last year
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- D/Invoke implementation in Nim☆100Jun 8, 2022Updated 3 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆309Feb 13, 2023Updated 3 years ago
- Replace the .txt section of the current loaded modules from \KnownDlls\☆305Sep 28, 2022Updated 3 years ago
- A quick example of the Hells Gate technique in Nim☆94Aug 11, 2021Updated 4 years ago
- A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.☆326Jan 31, 2023Updated 3 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Your syscall factory☆126Jan 13, 2026Updated last month
- TartarusGate, Bypassing EDRs☆653Jan 25, 2022Updated 4 years ago
- Sleep obfuscation for shellcode implants and their reflective shit☆53Sep 19, 2023Updated 2 years ago
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom)☆360Mar 2, 2024Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆368Apr 19, 2023Updated 2 years ago
- Patch AMSI and ETW☆249May 8, 2024Updated last year
- Performing Indirect Clean Syscalls☆605Apr 19, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆261Jun 29, 2024Updated last year
- WindowSpy is a Cobalt Strike Beacon Object File meant for automated and targeted user surveillance.☆281Feb 24, 2025Updated last year
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…☆394Jan 9, 2024Updated 2 years ago
- A rust library that allows you to host the CLR and execute dotnet binaries.☆236Mar 12, 2025Updated 11 months ago
- ☆46Jun 21, 2023Updated 2 years ago
- C# POC to extract NetNTLMv1/v2 hashes from ETW provider☆258May 10, 2023Updated 2 years ago
- Cobalt Strike BOF that identifies Attack Surface Reduction (ASR) rules, actions, and exclusion locations☆160Mar 1, 2024Updated 2 years ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆318Aug 31, 2023Updated 2 years ago
- Collection of Beacon Object Files (BOF) for Cobalt Strike☆675Aug 15, 2025Updated 6 months ago