A fucking real shellcode loader with a GUI. Work-in-Progress.
☆82Jun 25, 2025Updated 8 months ago
Alternatives and similar repositories for Protect_Loader
Users that are interested in Protect_Loader are comparing it to the libraries listed below
Sorting:
- Shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆137Dec 22, 2024Updated last year
- shellcode loader for your evasion needs☆352Apr 30, 2025Updated 10 months ago
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 9 months ago
- Indirect Syscall with TartarusGate Approach in Go☆134Jul 8, 2025Updated 7 months ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆354Apr 26, 2025Updated 10 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆54May 12, 2025Updated 9 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆232Feb 12, 2025Updated last year
- A PoC for Early Cascade process injection technique.☆211Jan 30, 2025Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- Convert your shellcode into an ASCII string☆128Jun 27, 2025Updated 8 months ago
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆42Jan 9, 2025Updated last year
- Clipboard for Command and Control between VDI, RDP and Others on Windows☆50Dec 7, 2025Updated 2 months ago
- A malicous Golang Package☆15Apr 21, 2025Updated 10 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆128Oct 4, 2024Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- Shellcode loader generator with multiples features☆508Dec 31, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- A port of classic netcat to C#☆34Jan 21, 2023Updated 3 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- Because AV evasion should be easy.☆859Nov 28, 2024Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 10 months ago
- Port of Cobalt Strike's Process Inject Kit☆191Dec 1, 2024Updated last year
- ☆26Aug 11, 2025Updated 6 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Nameless C2 - A C2 with all its components written in Rust☆283Sep 26, 2024Updated last year
- ☆21Jan 8, 2026Updated last month
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 9 months ago
- Good CLR Host with Native patchless AMSI Bypass☆103Apr 18, 2025Updated 10 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Early cascade injection PoC based on Outflanks blog post written in Rust☆68Dec 26, 2025Updated 2 months ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆146Aug 15, 2024Updated last year
- Select any exported function in a dll as the new dll's entry point.☆81Oct 25, 2024Updated last year