gmh5225 / rust-mordor-rs
Rusty Hell's Gate / Halo's Gate / Tartarus' Gate / FreshyCalls / Syswhispers2 Library
☆24Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for rust-mordor-rs
- ☆96Updated last year
- Template-based generation of shellcode loaders☆67Updated 7 months ago
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls☆104Updated 2 months ago
- ☆133Updated last year
- Threadless shellcode injection tool☆60Updated 3 months ago
- I have documented all of the AMSI patches that I learned till now☆68Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆82Updated 5 months ago
- ☆59Updated 5 months ago
- Find DLLs with RWX section☆75Updated last year
- Host CLR and run .NET binaries using Rust☆60Updated 2 weeks ago
- early cascade injection PoC based on Outflanks blog post, in rust☆49Updated 2 weeks ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆75Updated last year
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆164Updated last year
- 64-bit, position-independent implant template for Windows in Rust.☆77Updated last month
- lsassdump via RtlCreateProcessReflection and NanoDump☆73Updated last month
- ☆73Updated last year
- ☆116Updated 2 months ago
- ☆142Updated last year
- ☆44Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated 2 months ago
- Simple BOF to read the protection level of a process☆104Updated last year
- Patch AMSI and ETW in remote process via direct syscall☆77Updated 2 years ago
- ☆118Updated last year
- 64-bit, position-independent reverse tcp shell, built in Rust for Windows.☆44Updated last month
- Splitting and executing shellcode across multiple pages☆99Updated last year
- A work in progress BOF/COFF loader in Rust☆45Updated last year
- Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW☆78Updated last year
- A variation of ProcessOverwriting to execute shellcode on an executable's section☆145Updated 11 months ago
- ☆103Updated 6 months ago