florylsk/NtRemoteLoad external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

florylsk/NtRemoteLoad

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/florylsk/NtRemoteLoad)

Close

florylsk / NtRemoteLoadView on GitHubMore

• External links
• Readme badge

Remote Shellcode Injector

☆219Aug 27, 2023Updated 2 years ago

Alternatives and similar repositories for NtRemoteLoad

Users that are interested in NtRemoteLoad are comparing it to the libraries listed below

• florylsk / RecycledInjector

  View on GitHub
  Native Syscalls Shellcode Injector
  ☆267Jul 2, 2023Updated 2 years ago
• naksyn / ProcessStomping

  View on GitHub
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆148Dec 16, 2023Updated 2 years ago
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆293Jul 15, 2023Updated 2 years ago
• ewby / Mockingjay_BOF

  View on GitHub
  Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique
  ☆158Nov 7, 2023Updated 2 years ago
• Dec0ne / DllNotificationInjection

  View on GitHub
  A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…
  ☆466Aug 23, 2023Updated 2 years ago
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆787Jan 26, 2026Updated last month
• lem0nSec / ShellGhost

  View on GitHub
  A memory-based evasion technique which makes shellcode invisible from process start to end.
  ☆1,198Oct 16, 2023Updated 2 years ago
• pard0p / CallstackSpoofingPOC

  View on GitHub
  C++ self-Injecting dropper based on various EDR evasion techniques.
  ☆426Feb 11, 2024Updated 2 years ago
• florylsk / SignatureGate

  View on GitHub
  Weaponized HellsGate/SigFlip
  ☆204Jun 7, 2023Updated 2 years ago
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆262Jun 29, 2024Updated last year
• zer0condition / mhydeath

  View on GitHub
  Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.
  ☆408Aug 22, 2023Updated 2 years ago
• icyguider / LatLoader

  View on GitHub
  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.
  ☆309Dec 9, 2023Updated 2 years ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆153Oct 2, 2023Updated 2 years ago
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆407Sep 12, 2023Updated 2 years ago
• Dec0ne / HWSyscalls

  View on GitHub
  HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.
  ☆719Jul 19, 2023Updated 2 years ago
• dmcxblue / SharpBlackout

  View on GitHub
  Terminate AV/EDR leveraging BYOVD attack
  ☆103Mar 21, 2025Updated 11 months ago
• gabriellandau / EDRSandblast-GodFault

  View on GitHub
  EDRSandblast-GodFault
  ☆271Aug 28, 2023Updated 2 years ago
• frkngksl / UnlinkDLL

  View on GitHub
  DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
  ☆60Dec 15, 2023Updated 2 years ago
• nickvourd / Supernova

  View on GitHub
  Real fucking shellcode encryptor & obfuscator tool
  ☆1,013Jan 7, 2026Updated 2 months ago
• Maldev-Academy / MaldevAcademyLdr.1

  View on GitHub
  RunPE implementation with multiple evasive techniques (1)
  ☆383Sep 22, 2023Updated 2 years ago
• Maldev-Academy / Christmas

  View on GitHub
  PoC demonstrating a multi process injection chain aimed at remotely executing shellcode
  ☆259Jan 21, 2024Updated 2 years ago
• YOLOP0wn / EchoDrv

  View on GitHub
  Exploitation of echo_driver.sys
  ☆170Sep 16, 2023Updated 2 years ago
• x0reaxeax / PageSplit

  View on GitHub
  Splitting and executing shellcode across multiple pages
  ☆103Jun 8, 2023Updated 2 years ago
• cpu0x00 / SharpReflectivePEInjection

  View on GitHub
  reflectively load and execute PEs locally and remotely bypassing EDR hooks
  ☆164Jan 4, 2024Updated 2 years ago
• MalwareTech / EDR-Preloader

  View on GitHub
  An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
  ☆542Feb 13, 2024Updated 2 years ago
• georgesotiriadis / Chimera

  View on GitHub
  Automated DLL Sideloading Tool With EDR Evasion Capabilities
  ☆505Dec 19, 2023Updated 2 years ago
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆351Sep 10, 2024Updated last year
• REDMED-X / InjectKit

  View on GitHub
  Modified versions of the Cobalt Strike Process Injection Kit
  ☆106Jan 24, 2024Updated 2 years ago
• TunnelGRE / Percino

  View on GitHub
  Evasive Golang Loader
  ☆137Jul 27, 2024Updated last year
• SaadAhla / D1rkLdr

  View on GitHub
  Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…
  ☆322Aug 2, 2023Updated 2 years ago
• CCob / ThreadlessInject

  View on GitHub
  Threadless Process Injection using remote function hooking.
  ☆810Sep 4, 2024Updated last year
• SaadAhla / D1rkInject

  View on GitHub
  Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…
  ☆185Aug 2, 2023Updated 2 years ago
• Mr-Un1k0d3r / .NetConfigLoader

  View on GitHub
  .net config loader
  ☆349Nov 9, 2023Updated 2 years ago
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆324Jun 18, 2023Updated 2 years ago
• YOLOP0wn / POSTDump

  View on GitHub
  ☆342Nov 10, 2025Updated 4 months ago
• florylsk / ExecIT

  View on GitHub
  Execute shellcode files with rundll32
  ☆218Jan 28, 2024Updated 2 years ago
• Octoberfest7 / Inline-Execute-PE

  View on GitHub
  Execute unmanaged Windows executables in CobaltStrike Beacons
  ☆715Mar 4, 2023Updated 3 years ago
• iilegacyyii / ThreadlessInject-BOF

  View on GitHub
  BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a…
  ☆395Jan 9, 2024Updated 2 years ago
• MalwareTech / EDRception

  View on GitHub
  A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.
  ☆204Dec 27, 2023Updated 2 years ago