itaymigdal / GhostNapLinks
Sleep obfuscation for shellcode implants and their reflective shit
☆52Updated last year
Alternatives and similar repositories for GhostNap
Users that are interested in GhostNap are comparing it to the libraries listed below
Sorting:
- PoC XLL builder in Python/Nim☆47Updated 2 years ago
- malware written for educational purposes☆66Updated 9 months ago
- Indirect syscalls + DInvoke made simple.☆94Updated 8 months ago
- ☆47Updated 2 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Updated last year
- Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.☆83Updated last month
- ☆42Updated 2 years ago
- ☆40Updated 2 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆20Updated 2 years ago
- Nim version of MDSec's Parallel Syscall PoC☆124Updated 3 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated last year
- ShellcodeFluctuation PoC ported to Nim☆78Updated 2 years ago
- Python module for running BOFs☆72Updated 2 years ago
- Sample Rust Hooking Engine☆36Updated last year
- A quick example of the Hells Gate technique in Nim☆97Updated 4 years ago
- Tool for playing with Windows Access Token manipulation.☆55Updated 2 years ago
- Sniffing files generator☆59Updated 6 months ago
- maldev obviously☆27Updated 3 months ago
- Rewrite to fit my needs☆30Updated last year
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆96Updated 3 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆65Updated last year
- Proof of Concept code and samples presenting emerging threat of MSI installer files.☆86Updated 2 years ago
- Click Once + App Domain☆63Updated last year
- A care package of useful bofs for red team engagments☆55Updated 8 months ago
- D/Invoke implementation in Nim☆103Updated 3 years ago
- A VSCode devcontainer for development of COFF files with batteries included.☆49Updated 2 years ago
- Run Cobalt Strike BOFs in Brute Ratel C4!☆71Updated 4 months ago
- Lateral Movement via the .NET Profiler☆82Updated 9 months ago
- Your syscall factory☆124Updated 2 months ago
- A nim port of C5pider's Ekko project.☆17Updated 2 years ago