joaoviictorti / uwdLinks
Call Stack Spoofing for Rust
☆188Updated last week
Alternatives and similar repositories for uwd
Users that are interested in uwd are comparing it to the libraries listed below
Sorting:
- Memory Obfuscation in Rust☆255Updated 3 weeks ago
- DLL proxying for lazy people☆187Updated 3 weeks ago
- A Rust port of LayeredSyscall — performs indirect syscalls while generating legitimate API call stack frames by abusing VEH.☆155Updated 10 months ago
- Dynamically invoke arbitrary code and use various tricks written idiomatically in Rust (Dinvoke)☆93Updated 2 weeks ago
- A reflective DLL development template for the Rust programming language☆109Updated 4 months ago
- Call stack spoofing for Rust☆348Updated 7 months ago
- Activation Context Hijack☆165Updated last month
- A runas implementation with extra features in Rust☆48Updated 3 weeks ago
- Rust For Windows Cheatsheet☆121Updated 10 months ago
- A COFF Loader written in Rust☆123Updated last week
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆190Updated last week
- ☆197Updated last year
- Rust malware EDR evasion via direct syscalls, fully implemented as an example in Rust☆66Updated last year
- Windows rootkit designed to work with BYOVD exploits☆206Updated 8 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆144Updated 4 months ago
- Some Rust program I wrote while learning Malware Development☆146Updated 7 months ago
- Using fibers to run in-memory code.☆220Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆99Updated 6 months ago
- ROP-based sleep obfuscation to evade memory scanners☆363Updated 3 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆227Updated 2 years ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆192Updated 3 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆225Updated 7 months ago
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆105Updated last year
- Payload encoding utility to effectively lower payload entropy.☆119Updated 5 months ago
- Shellcode loader that executes embedded Lua from Rust.☆126Updated 9 months ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆271Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated last year
- Host CLR and run .NET binaries using Rust☆130Updated last week
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆239Updated 3 weeks ago
- kernel callback removal (Bypassing EDR Detections)☆189Updated 6 months ago