Windows Protected Process Light toggle tool — dynamically finds offsets and patches EPROCESS using RTCore64
☆67May 2, 2025Updated 11 months ago
Alternatives and similar repositories for nyxppl
Users that are interested in nyxppl are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- CLI version of NetworkMiner (https://www.netresec.com/?page=NetworkMiner)☆13Dec 1, 2025Updated 4 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆73Jan 19, 2026Updated 2 months ago
- ☆38Apr 15, 2025Updated 11 months ago
- ☆64Jan 2, 2024Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆108Feb 25, 2025Updated last year
- Wordpress hosting with auto-scaling on Cloudways • AdFully Managed hosting built for WordPress-powered businesses that need reliable, auto-scalable hosting. Cloudways SafeUpdates now available.
- ☆16Dec 7, 2025Updated 4 months ago
- A framework for OAuth 2.0 device code authentication grant flow phishing☆46May 31, 2023Updated 2 years ago
- Self delete DLL (2)☆14Feb 15, 2024Updated 2 years ago
- ☆52Mar 30, 2026Updated last week
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 7 months ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ForsHops☆153Mar 25, 2025Updated last year
- load arbitrary dlls, call any exported function, calls execute inside g0 as normal syscalls do from the traditional route, no syscall or …☆28Feb 18, 2026Updated last month
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆61Mar 17, 2025Updated last year
- Proton VPN Special Offer - Get 70% off • AdSpecial partner offer. Trusted by over 100 million users worldwide. Tested, Approved and Recommended by Experts.
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆25Jul 5, 2023Updated 2 years ago
- A BOF tool that can be used to collect passwords using CredUIPromptForWindowsCredentialsName.☆16Jun 16, 2022Updated 3 years ago
- ☆60Feb 10, 2022Updated 4 years ago
- "Service-less" driver loading☆184Nov 28, 2024Updated last year
- Analyzes AdminSDHolder permissions & compares with default baseline or a previous run, to detect potential backdoor/excessive persistent …☆16Apr 8, 2025Updated last year
- An advanced utility for converting Windows Portable Executable (PE) files to position-independent code (PIC) shellcode. It enables execut…☆66Mar 1, 2025Updated last year
- C++ tool and library for converting .bin files to shellcode in multiple output formats.☆34Aug 18, 2025Updated 7 months ago
- Moonwalk++: Simple POC Combining StackMoonwalking and Memory Encryption☆215Dec 17, 2025Updated 3 months ago
- A short scraper looking for a POC of CVE-2024-49112☆13Dec 16, 2024Updated last year
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- kernel callback removal (Bypassing EDR Detections)☆213Nov 14, 2025Updated 4 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- ☆122Jun 17, 2025Updated 9 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Sep 8, 2021Updated 4 years ago
- ZeroProbe is an advanced enumeration and analysis framework designed for exploit developers, security researchers, and red teamers. It pr…☆108Mar 10, 2025Updated last year
- A crappy hook on SpAcceptLsaModeContext that prints incoming auth attempts. WIP☆37Jul 27, 2021Updated 4 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Aug 13, 2024Updated last year
- An Unsigned Driver Mapper for Windows 10 22H2 -> Windows 11 23H2 that uses PdFwKrnl to exploit the Read/Write IOCTL Calls to disable DSE …☆26Aug 2, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- GPU virtual machines on DigitalOcean Gradient AI • AdGet to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
- This is the tool to dump the LSASS process on modern Windows 11☆572Nov 1, 2025Updated 5 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- ☆24Jan 15, 2024Updated 2 years ago
- Windows rootkit designed to work with BYOVD exploits☆218Jan 18, 2025Updated last year
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT.☆136Dec 8, 2025Updated 4 months ago
- ☆27Mar 6, 2025Updated last year