jrrgimenez / Nim-HalosGate-Injector
Shellcode Injector that obtains system call opcodes using the Halo's Gate method to evade EDR Hooks.
☆19Updated 2 years ago
Alternatives and similar repositories for Nim-HalosGate-Injector:
Users that are interested in Nim-HalosGate-Injector are comparing it to the libraries listed below
- ☆47Updated last year
- Beacon Object Files (not Buffer Overflows)☆53Updated last year
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆38Updated last year
- A care package of useful bofs for red team engagments☆54Updated last month
- Run Cobalt Strike BOFs in Brute Ratel C4!☆61Updated 3 weeks ago
- PoC XLL builder in Python/Nim☆43Updated 2 years ago
- Basic implementation of Cobalt Strikes - User Defined Reflective Loader feature☆98Updated last year
- A third-party Gopher Assassin for the Havoc Framework.☆45Updated last year
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆68Updated 8 months ago
- My implementation of Halo's Gate technique in C#☆53Updated 2 years ago
- ShellcodeFluctuation PoC ported to Nim☆75Updated 2 years ago
- DLL Exports Extraction BOF with optional NTFS transactions.☆80Updated 3 years ago
- These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…☆19Updated last year
- SharpElevator is a C# implementation of Elevator for UAC bypass. This UAC bypass was originally discovered by James Forshaw and publishe…☆50Updated 2 years ago
- Cobalt Strike UDRL for memory scanner evasion.☆44Updated last year
- Click Once + App Domain☆63Updated last year
- ☆43Updated last year
- Lockless BOF☆62Updated 11 months ago
- A work in progress BOF/COFF loader in Rust☆46Updated last year
- Simple .NET loader for loading and executing Powershell payloads☆15Updated 3 years ago
- Beacon Object File allowing creation of Beacons in different sessions.☆78Updated 2 years ago
- I have documented all of the AMSI patches that I learned till now☆69Updated last year
- A simple BOF that frees UDRLs☆115Updated 2 years ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year
- Section Mapping Process Injection (secinject): Cobalt Strike BOF☆91Updated 3 years ago
- Sleep Obfuscation☆43Updated 2 years ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆65Updated 2 weeks ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆70Updated 11 months ago
- Tool for playing with Windows Access Token manipulation.☆53Updated 2 years ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆172Updated last year