A fucking real shellcode loader with a GUI. Work-in-Progress.
☆82Jun 25, 2025Updated 8 months ago
Alternatives and similar repositories for Protect_Loader
Users that are interested in Protect_Loader are comparing it to the libraries listed below
Sorting:
- Shellcode loader written in C and Assembly utilizing direct or indirect syscalls to evade UM EDR hooks☆139Dec 22, 2024Updated last year
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆51May 22, 2025Updated 10 months ago
- shellcode loader for your evasion needs☆350Apr 30, 2025Updated 10 months ago
- A Rust implementation of GodPotato — abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTA…☆358Updated this week
- A malicous Golang Package☆15Apr 21, 2025Updated 11 months ago
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 11 months ago
- Indirect Syscall with TartarusGate Approach in Go☆135Jul 8, 2025Updated 8 months ago
- A tool written in golang which compress using UPX and patch it with the provided PE file to make "UPX -d" flag impossible to decompress a…☆31Jan 2, 2025Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- A PoC for Early Cascade process injection technique.☆214Jan 30, 2025Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- A robust Windows Process Executable Packer and Launcher implementation written in Rust for Windows x64 systems.☆43Jan 9, 2025Updated last year
- Bypasses AMSI protection through remote memory patching and parsing technique.☆55May 12, 2025Updated 10 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆217Jan 18, 2025Updated last year
- remote process injections using pool party techniques☆70Jun 29, 2025Updated 8 months ago
- Clipboard for Command and Control between VDI, RDP and Others on Windows☆51Dec 7, 2025Updated 3 months ago
- Sleep obfuscation☆271Dec 13, 2024Updated last year
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆28May 13, 2025Updated 10 months ago
- ☆33Jan 23, 2025Updated last year
- Convert your shellcode into an ASCII string☆127Jun 27, 2025Updated 8 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated last year
- Shellcode loader generator with multiples features☆508Dec 31, 2024Updated last year
- Port of Cobalt Strike's Process Inject Kit☆192Dec 1, 2024Updated last year
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- Because AV evasion should be easy.☆862Nov 28, 2024Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 10 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆169May 30, 2024Updated last year
- Unpacker for donut shellcode☆21Jun 20, 2020Updated 5 years ago
- ☆26Aug 11, 2025Updated 7 months ago
- Resources linked to my presentation at OffensiveX in Athens in June 2024 on the topic "Breach the Gat, Advanced Initial Access in 2024"☆147Aug 15, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated last year
- Bypass Credential Guard by patching WDigest.dll using only NTAPI functions☆268Apr 8, 2025Updated 11 months ago