eversinc33 / GpuDecryptShellcodeLinks
XOR decrypting shellcode using the GPU with OpenCL.
☆114Updated 3 months ago
Alternatives and similar repositories for GpuDecryptShellcode
Users that are interested in GpuDecryptShellcode are comparing it to the libraries listed below
Sorting:
- bring your own vulnerable driver☆106Updated 2 years ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface☆72Updated last month
- ☆50Updated 3 years ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- An Obfuscator-LLVM based mingw-w64 toolchain.☆41Updated 3 years ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process☆105Updated 2 years ago
- ☆87Updated 2 years ago
- Code used in this post https://captmeelo.com/redteam/maldev/2022/04/21/kernelcallbacktable-injection.html☆132Updated 3 years ago
- Kernel Mode Driver for Elevating Process Privileges☆132Updated 2 years ago
- Exploiting the KsecDD Windows driver through Server Silos☆73Updated 9 months ago
- Template-based generation of shellcode loaders☆79Updated last year
- ☆38Updated 2 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆124Updated 2 years ago
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- find dll base addresses without PEB WALK☆141Updated last month
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- Block any Process to open HANDLE to your process , only SYTEM is allowed to open handle to your process ,with that you can avoid remote m…☆171Updated 2 years ago
- Windows AppLocker Driver (appid.sys) LPE☆63Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆83Updated 2 years ago
- Exploitation of echo_driver.sys☆170Updated last year
- ☆100Updated last year
- CreateRemoteThread: how to pass multiple parameters to the remote thread function without shellcode.☆135Updated last month
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆96Updated 6 months ago
- ☆114Updated 2 years ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆48Updated last year
- Small PoC of using a Microsoft signed executable as a lolbin.☆138Updated 2 years ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆99Updated 8 months ago
- Enabled / Disable LSA Protection via BYOVD☆74Updated 3 years ago
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆117Updated this week