jstrosch / sclauncherLinks
A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode.
☆150Updated 11 months ago
Alternatives and similar repositories for sclauncher
Users that are interested in sclauncher are comparing it to the libraries listed below
Sorting:
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆314Updated last year
- ☆115Updated last month
- Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in thi…☆165Updated 2 months ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆346Updated 4 months ago
- An automation plugin for Tiny-Tracer framework to trace and watch functions directly out of the executable's import table or trace logs (…☆116Updated 11 months ago
- Collect Windows telemetry for Maldev☆356Updated 4 months ago
- MSI Dump - a tool that analyzes malicious MSI installation packages, extracts files, streams, binary data and incorporates YARA scanner.☆213Updated 2 years ago
- ☆169Updated 2 months ago
- Evasion Escaper is a project aimed at evading the checks that malicious software performs to detect if it's running in a virtual environm…☆106Updated 4 months ago
- A ProcessMonitor visualization application written in rust.☆181Updated last year
- Finding secrets in kernel and user memory☆116Updated last year
- Exploitation of process killer drivers☆201Updated last year
- ETW based POC to identify direct and indirect syscalls☆187Updated 2 years ago
- Combining Sealighter with unpatched exploits to run the Threat-Intelligence ETW Provider☆176Updated 2 years ago
- ☆105Updated 11 months ago
- Tools and technical write-ups describing attacking techniques that rely on concealing code execution on Windows☆216Updated 2 years ago
- SHAREM is a shellcode analysis framework, capable of emulating more than 20,000 WinAPIs and virutally all Windows syscalls. It also conta…☆394Updated last month
- EDRSandblast-GodFault☆266Updated last year
- Repository of Yara Rules☆111Updated 2 months ago
- ☆257Updated last year
- Tools for analyzing EDR agents☆230Updated last year
- ☆189Updated last year
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel.☆231Updated last year
- ☆119Updated last year
- Windows rootkit designed to work with BYOVD exploits☆200Updated 5 months ago
- ☆259Updated 2 years ago
- Detect strange memory regions and DLLs☆184Updated 3 years ago
- Slides & Code snippets for a workshop held @ x33fcon 2024☆260Updated last year
- Native Syscalls Shellcode Injector☆267Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆110Updated last year