itaymigdal / PichichiH0ll0werLinks
Nim process hollowing loader
☆59Updated last month
Alternatives and similar repositories for PichichiH0ll0wer
Users that are interested in PichichiH0ll0wer are comparing it to the libraries listed below
Sorting:
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆52Updated last year
- Splitting and executing shellcode across multiple pages☆101Updated 2 years ago
- Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies☆120Updated last year
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆120Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year
- ☆137Updated 2 years ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆70Updated last month
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆67Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆103Updated 5 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- EvtPsst☆55Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- ☆34Updated 5 months ago
- A more reliable way of resolving syscall numbers in Windows☆52Updated last year
- IoctlHunter is a command-line tool designed to simplify the analysis of IOCTL calls made by userland software targeting Windows drivers.☆105Updated last year
- Malware?☆74Updated 11 months ago
- PoC XLL builder in Python/Nim☆47Updated 2 years ago
- Mythic C2 Agent written in x64 PIC C☆83Updated 7 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated last year
- "Service-less" driver loading☆161Updated 9 months ago
- A process injection technique using only thread context manipulation☆38Updated last year
- Template-based generation of shellcode loaders☆79Updated last year
- Demoting PPL anti-malware services to less than a guest user☆63Updated 7 months ago
- ☆123Updated last year
- ☆60Updated last year
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆47Updated last year
- Rewrite to fit my needs☆31Updated last year
- Fork of Get-InjectedThread - https://gist.github.com/jaredcatkinson/23905d34537ce4b5b1818c3e6405c1d2☆46Updated last year
- Do some DLL SideLoading magic☆86Updated 2 years ago