ioncodes / SilentLoad
"Service-less" driver loading
☆151Updated 4 months ago
Alternatives and similar repositories for SilentLoad:
Users that are interested in SilentLoad are comparing it to the libraries listed below
- ☆103Updated 3 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆130Updated 8 months ago
- A collection of position independent coding resources☆76Updated 2 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆113Updated 4 months ago
- Construct the payload at runtime using an array of offsets☆63Updated 10 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated 9 months ago
- A Mythic Agent written in PIC C.☆186Updated 2 months ago
- ☆154Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆76Updated last month
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆92Updated last week
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆109Updated 7 months ago
- ☆105Updated 5 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆74Updated 8 months ago
- Malware?☆69Updated 6 months ago
- shell code example☆34Updated last week
- Sleep obfuscation☆216Updated 4 months ago
- ☆114Updated last month
- Shellcode loader☆81Updated 5 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆259Updated 7 months ago
- Bypass LSA protection using the BYODLL technique☆157Updated 7 months ago
- stack spoofing☆84Updated 5 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆92Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆73Updated 3 months ago
- Windows rootkit designed to work with BYOVD exploits☆183Updated 3 months ago
- BOF with Synthetic Stackframe☆143Updated 2 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆113Updated 2 months ago
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆99Updated last year
- ☆61Updated 10 months ago
- ☆135Updated last year