NailaoLoader: Hiding Execution Flow via Patching
☆23Feb 27, 2025Updated last year
Alternatives and similar repositories for NailaoLoader-Hiding-Execution-Flow
Users that are interested in NailaoLoader-Hiding-Execution-Flow are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Eset-Unload is a C++ tool that interacts with a process's loaded modules to identify and unload the ebehmoni.dll module, typically found …☆12Apr 21, 2025Updated 11 months ago
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 10 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- Proxy function calls through the thread pool with ease�☆31Feb 27, 2025Updated last year
- OFFZONE 2024 Malware Persistence workshop☆22Dec 18, 2024Updated last year
- Simple, predictable pricing with DigitalOcean hosting • AdAlways know what you'll pay with monthly caps and flat pricing. Enterprise-grade infrastructure trusted by 600k+ customers.
- Cobalt Strike UDRL for memory scanner evasion.☆52Dec 4, 2023Updated 2 years ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 11 months ago
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆27Apr 21, 2025Updated 11 months ago
- My latest setup configs.☆10Aug 7, 2016Updated 9 years ago
- ☆38Apr 15, 2025Updated 11 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Stage 0☆169Dec 18, 2024Updated last year
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆15Apr 21, 2025Updated 11 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting with the flexibility to host WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Cloudways by DigitalOcean.
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆125Jul 11, 2025Updated 8 months ago
- ☆21Jan 8, 2026Updated 2 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 10 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆75May 1, 2024Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Whenever PowerShell is launched, Notepad will also open. You can customize the script for educational purposes, but I emphasize that I do…☆12Apr 21, 2025Updated 11 months ago
- Detect Remote Local Credentials Dumping using a Shadow Snapshot☆32Jan 27, 2025Updated last year
- DigitalOcean Gradient AI Platform • AdBuild production-ready AI agents using customizable tools or access multiple LLMs through a single endpoint. Create custom knowledge bases or connect external data.
- ☆33Jan 23, 2025Updated last year
- BOF with Synthetic Stackframe☆235Oct 30, 2025Updated 4 months ago
- Examples how to use a Assm (Assembly) in a go.☆24Apr 21, 2025Updated 11 months ago
- Shellcode Loader Utilizing ETW Events☆66Feb 26, 2025Updated last year
- Shellcode loader written in C and Assembly utilizing direct or indirect syscalls to evade UM EDR hooks☆139Dec 22, 2024Updated last year
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆28May 13, 2025Updated 10 months ago
- NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-bui…☆234Feb 12, 2025Updated last year
- A malicous Golang Package☆15Apr 21, 2025Updated 11 months ago
- Exploit for CVE-2024-0402 in Gitlab☆15Mar 18, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- ☆20Nov 8, 2020Updated 5 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 10 months ago
- A small red team course☆40Jun 6, 2023Updated 2 years ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆129Jul 5, 2024Updated last year
- Shellcode capable of bypassing EAF / IAF mitigations☆28Apr 11, 2023Updated 2 years ago
- PoC XLL builder in Python/Nim☆50Nov 21, 2022Updated 3 years ago