itaymigdal / GhostNap
Sleep obfuscation for shellcode implants and their reflective shit
☆51Updated last year
Related projects: ⓘ
- malware written for educational purposes☆57Updated 3 months ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆88Updated 2 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆25Updated 7 months ago
- PoC XLL builder in Python/Nim☆40Updated last year
- ☆41Updated last year
- ☆37Updated last year
- ☆47Updated last year
- A quick example of the Hells Gate technique in Nim☆93Updated 3 years ago
- Indirect syscalls + DInvoke made simple.☆82Updated 5 months ago
- ShellcodeFluctuation PoC ported to Nim☆72Updated last year
- D/Invoke implementation in Nim☆96Updated 2 years ago
- Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.☆61Updated 3 months ago
- Nim version of MDSec's Parallel Syscall PoC☆122Updated 2 years ago
- COFF and BOF Loader written in Nim☆164Updated 2 years ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆88Updated last year
- Grab unsaved Notepad contents with a Beacon Object File☆48Updated 2 years ago
- Sample Rust Hooking Engine☆32Updated 5 months ago
- A nim port of C5pider's Ekko project.☆16Updated last year
- Run python from a single exe☆34Updated 2 years ago
- Nim process hollowing loader☆47Updated last month
- Python module for running BOFs☆63Updated last year
- Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.☆20Updated 2 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆18Updated last year
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 2 months ago
- Threadless shellcode injection tool☆56Updated last month
- Tool for playing with Windows Access Token manipulation.☆50Updated last year
- Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim☆30Updated 3 years ago
- A tool for converting SysWhispers2 syscalls for use with Nim projects☆117Updated 2 years ago
- Heap encryption in Nim☆19Updated 3 weeks ago
- Simple PoC Python agent to showcase Havoc C2's custom agent interface. Not operationally safe or stable. Released with accompanying blog …☆74Updated 10 months ago