Sleep obfuscation for shellcode implants and their reflective shit
☆53Sep 19, 2023Updated 2 years ago
Alternatives and similar repositories for GhostNap
Users that are interested in GhostNap are comparing it to the libraries listed below
Sorting:
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year
- Your syscall factory☆126Jan 13, 2026Updated last month
- NimSkrull is an adaption from the original Skrull malware anti-copy DRM. Only for the anti-copy feature. (https://github.com/aaaddress1/S…☆13May 20, 2023Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Dec 23, 2023Updated 2 years ago
- Poshito is a Windows C2 over Telegram☆21Oct 30, 2024Updated last year
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).☆186Feb 12, 2023Updated 3 years ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- A step-by-step walkthrough of how to write a Client and a Driver to communicate with each other and boost the priority of a thread.☆17Dec 12, 2023Updated 2 years ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆283Jun 15, 2024Updated last year
- ☆39May 20, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.☆85Jul 11, 2025Updated 7 months ago
- Malsys is a project designed to validate and analyze files for potential malware signatures.☆21Nov 5, 2023Updated 2 years ago
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆30Jan 21, 2024Updated 2 years ago
- Nim process hollowing loader☆62Jul 22, 2025Updated 7 months ago
- ☆44Oct 16, 2023Updated 2 years ago
- Kill AV/EDR leveraging BYOVD attack☆391Jul 11, 2023Updated 2 years ago
- A tiny macro library for protecting sensitive strings in compiled binaries☆40Oct 8, 2024Updated last year
- A nice process dumping tool☆82Jul 19, 2022Updated 3 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Mythic C2 wrapper for NimSyscallPacker☆25Mar 12, 2025Updated 11 months ago
- ☆18Sep 14, 2023Updated 2 years ago
- ☆123Oct 9, 2023Updated 2 years ago
- Automated .NET AppDomain hijack payload generation☆129Feb 4, 2025Updated last year
- ☆46Jun 21, 2023Updated 2 years ago
- CallBack-Techniques for Shellcode execution ported to Nim☆62Mar 19, 2021Updated 4 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- COFF and BOF Loader written in Nim☆175Aug 1, 2022Updated 3 years ago
- Source generator to add D/Invoke and indirect syscall methods to a C# project.☆190Mar 4, 2024Updated last year
- ☆42Jan 13, 2023Updated 3 years ago
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Nimbo-C2 is yet another (simple and lightweight) C2 framework☆439Jan 29, 2026Updated last month
- An i686 & x86_64 position independent implant template for Rust 🦀☆33Jul 6, 2025Updated 7 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆102Sep 18, 2023Updated 2 years ago
- Nim Socks5 library☆29Dec 29, 2021Updated 4 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆309Feb 13, 2023Updated 3 years ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year