RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
β1,834Dec 29, 2025Updated 2 months ago
Alternatives and similar repositories for RustRedOps
Users that are interested in RustRedOps are comparing it to the libraries listed below
Sorting:
- Rust Weaponization for Red Team Engagements.β2,986Apr 25, 2024Updated last year
- Rust for malware Development is a repository for advanced Red Team techniques and offensive malwares & Ransomwares, focused on Rust π¦β3,311Feb 17, 2026Updated last week
- windows-rs shellcode loadersβ393Jul 11, 2024Updated last year
- ROP-based sleep obfuscation to evade memory scannersβ376Jun 22, 2025Updated 8 months ago
- A COFF loader made in Rustβ328Aug 20, 2025Updated 6 months ago
- Windows Kernel Rootkit in Rustβ679Oct 10, 2025Updated 4 months ago
- LSASS memory dumper using only NTAPIs, creating a minimal minidump. It can be compiled as shellcode (PIC), supports XOR encryption, and rβ¦β384Apr 26, 2025Updated 10 months ago
- A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the β¦β1,821Nov 3, 2024Updated last year
- Real fucking shellcode encryptor & obfuscator toolβ1,011Jan 7, 2026Updated last month
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters.β318Jun 24, 2025Updated 8 months ago
- Dump cookies and credentials directly from Chrome/Edge process memoryβ1,408Jan 19, 2026Updated last month
- A Rust port of LayeredSyscall β performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.β161Oct 31, 2024Updated last year
- A BOF that runs unmanaged PEs inlineβ681Oct 23, 2024Updated last year
- EDR Lab for Experimentation Purposesβ1,413Updated this week
- Collection of Beacon Object Files (BOF) for Cobalt Strikeβ675Aug 15, 2025Updated 6 months ago
- A beacon object file implementation of PoolParty Process Injection Technique.β434Dec 21, 2023Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.β1,006Jun 4, 2024Updated last year
- Nameless C2 - A C2 with all its components written in Rustβ283Sep 26, 2024Updated last year
- Because AV evasion should be easy.β859Nov 28, 2024Updated last year
- This map lists the essential techniques to bypass anti-virus and EDRβ3,161Mar 28, 2025Updated 11 months ago
- A memory-based evasion technique which makes shellcode invisible from process start to end.β1,198Oct 16, 2023Updated 2 years ago
- A modern 32/64-bit position independent implant templateβ1,295Mar 21, 2025Updated 11 months ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layerβ539Feb 13, 2024Updated 2 years ago
- Freeze.rs is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls written in RUSTβ721Aug 18, 2023Updated 2 years ago
- A command and control framework written in rust.β384Sep 4, 2025Updated 5 months ago
- Cobalt Strike HTTPS beaconing over Microsoft Graph APIβ622Jun 25, 2024Updated last year
- Call stack spoofing for Rustβ356Feb 7, 2025Updated last year
- A tool employs direct registry manipulation to create scheduled tasks without triggering the usual event logs.β614Jan 2, 2025Updated last year
- Collection of UAC Bypass Techniques Weaponized as BOFsβ607Feb 21, 2024Updated 2 years ago
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird β¦β776Jan 26, 2026Updated last month
- HVNC for Cobalt Strikeβ1,298Dec 7, 2023Updated 2 years ago
- Situational Awareness commands implemented using Beacon Object Filesβ1,722Updated this week
- A Rust implementation of GodPotato β abusing SeImpersonate to gain SYSTEM privileges. Includes a TCP-based reverse shell and indirect NTAβ¦β354Apr 26, 2025Updated 10 months ago
- A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniβ¦β1,370Oct 27, 2023Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)β701May 7, 2025Updated 9 months ago
- SysWhispers on Steroids - AV/EDR evasion via direct system calls.β1,592Jul 31, 2024Updated last year
- Threadless Process Injection using remote function hooking.β810Sep 4, 2024Updated last year
- A set of fully-undetectable process injection techniques abusing Windows Thread Poolsβ1,248Dec 11, 2023Updated 2 years ago
- Call Stack Spoofing for Rustβ210Jan 28, 2026Updated last month