A simple research-focused AES-based shellcode loader demonstrating in-memory execution and NTAPI techniques to help understand how custom loaders can bypass Windows Defender–based detection.
☆38Feb 19, 2026Updated last week
Alternatives and similar repositories for shellcoderunner
Users that are interested in shellcoderunner are comparing it to the libraries listed below
Sorting:
- Custom Amsi Bypass by patching AmsiOpenSession function in amsi.dll☆50Jun 16, 2025Updated 8 months ago
- A small set of Beacon Object Files (BOFs) that I developed over the time with a Magic: The Gathering theme.☆16Jul 15, 2025Updated 7 months ago
- A different approach to writing BOFs in rust.☆19Aug 20, 2025Updated 6 months ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆74Aug 24, 2025Updated 6 months ago
- Impacket pre-compiled binaries☆18Jul 31, 2023Updated 2 years ago
- Windows Error Reporting ALPC Elevation of Privilege (CVE-2026-20817) - Proof-of-Concept exploit demonstrating local privilege escalation …☆35Feb 19, 2026Updated last week
- Umbrella will protect your shellcode from the rain.☆31Jun 4, 2025Updated 8 months ago
- ☆26Aug 11, 2025Updated 6 months ago
- Windows Privilege Escalation☆23Jun 7, 2022Updated 3 years ago
- Impacket☆49Updated this week
- a minimalistic winrm client written in python☆25May 15, 2025Updated 9 months ago
- A simple website to act as a store for havoc modules and extensions☆28Jan 20, 2025Updated last year
- A Beacon Object File (BOF) that performs the complete ESC1 attack chain in a single execution: certificate request with arbitrary SAN (+S…☆116Dec 21, 2025Updated 2 months ago
- Cortex EDR Ransomware protection Bypass☆26Feb 8, 2025Updated last year
- An impacket-lite cli tool that combines many useful impacket functions using a single session.☆57Jan 14, 2026Updated last month
- ☆59Nov 13, 2024Updated last year
- Payload Generation Workflow☆40Jul 18, 2025Updated 7 months ago
- A small tool to convert Base64-encoded .kirbi tickets from Rubeus into .ccache files for Impacket☆73May 18, 2020Updated 5 years ago
- Cross platform (Linux / Windows) shellcode packer for CTFs and pentest / red team exams aiming for AV evasion !☆110Feb 5, 2026Updated 3 weeks ago
- Collection of powershell scripts I used to complete my CARTP and CARTE courses.☆49Aug 20, 2025Updated 6 months ago
- Remote Code Execution via Use-After-Free in JScript.dll (CVE-2025-30397)☆69May 31, 2025Updated 8 months ago
- ☆47Dec 5, 2025Updated 2 months ago
- Find jmp gadgets for call stack spoofing.☆74Oct 1, 2025Updated 4 months ago
- A red teaming attack paradigm against AI Agents☆32Mar 9, 2025Updated 11 months ago
- ☆33Mar 19, 2025Updated 11 months ago
- Generate low-level commands to exploit the AD easily: learn and control every steps.☆65Updated this week
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆31Feb 7, 2025Updated last year
- ☆120May 29, 2025Updated 8 months ago
- Tool to enumerate privileged Scheduled Tasks on Remote Systems☆280Jan 12, 2026Updated last month
- A Rust version of Mirage, a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆38Mar 6, 2025Updated 11 months ago
- A portable C# utility for enumerating local and remote windows sessions☆55Jan 1, 2026Updated last month
- A 64-bit, position-independent code reverse TCP shell for Windows — built in Rust.☆86Apr 26, 2025Updated 10 months ago
- BYOVD hunter to help prioritize windows drivers worth manual analysis☆121Aug 19, 2025Updated 6 months ago
- ☆12Jun 26, 2023Updated 2 years ago
- A Pentester's Powershell Client☆51Nov 23, 2025Updated 3 months ago
- Rootkit for the blue team. Sophisticated and optimized LKM to detect and prevent malicious activity☆34Apr 26, 2024Updated last year
- The ADSyncDump BOF is a port of Dirk-Jan Mollema's adconnectdump.py / ADSyncDecrypt into a Beacon Object File (BOF) with zero dependencie…☆172Sep 3, 2025Updated 5 months ago
- ZYRA: Your Runtime Armor. ZYRA is an Zig-written obfuscator/packer for executable binaries.☆74Aug 5, 2025Updated 6 months ago
- A slightly more fun way to disable windows defender☆52May 4, 2025Updated 9 months ago