Windows Protected Process Light toggle tool — dynamically finds offsets and patches EPROCESS using RTCore64
☆73May 2, 2025Updated last year
Alternatives and similar repositories for nyxppl
Users that are interested in nyxppl are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 7 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆79Jan 19, 2026Updated 5 months ago
- ☆37Apr 15, 2025Updated last year
- ☆64Jan 2, 2024Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆107Feb 25, 2025Updated last year
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- ☆16Dec 7, 2025Updated 6 months ago
- A framework for OAuth 2.0 device code authentication grant flow phishing☆47May 31, 2023Updated 3 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- ☆52Jun 12, 2026Updated 3 weeks ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 10 months ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ForsHops☆154Mar 25, 2025Updated last year
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆28May 4, 2026Updated last month
- Command-line utility to completely halt, disable, and neutralize Windows Defender and Tamper Protection. Bypasses forced UAC and GUI requ…☆43May 29, 2026Updated last month
- Wordpress hosting with auto-scaling - Free Trial Offer • AdFully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆64Mar 17, 2025Updated last year
- A kernel exploit leveraging NtUserHardErrorControl to elevate a thread to KernelMode and achieve arbitrary kernel R/W & more.☆57Sep 20, 2022Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 4 years ago
- ☆61Feb 10, 2022Updated 4 years ago
- Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …☆16Apr 8, 2025Updated last year
- "Service-less" driver loading☆189Nov 28, 2024Updated last year
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆66Mar 1, 2025Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆33Aug 18, 2025Updated 10 months ago
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- A short scraper looking for a POC of CVE-2024-49112☆14Dec 16, 2024Updated last year
- kernel callback removal (Bypassing EDR Detections)☆222Nov 14, 2025Updated 7 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆228Dec 17, 2025Updated 6 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- ☆128Jun 17, 2025Updated last year
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆107Mar 10, 2025Updated last year
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆38Jul 27, 2021Updated 4 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆85Aug 13, 2024Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆30Aug 2, 2024Updated last year
- This is the tool to dump the LSASS process on modern Windows 11☆591May 23, 2026Updated last month
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆160Nov 7, 2023Updated 2 years ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- ☆28Jan 15, 2024Updated 2 years ago
- Windows rootkit designed to work with BYOVD exploits☆223Jan 18, 2025Updated last year