knight0x07 / NailaoLoader-Hiding-Execution-FlowLinks
NailaoLoader: Hiding Execution Flow via Patching
☆20Updated 7 months ago
Alternatives and similar repositories for NailaoLoader-Hiding-Execution-Flow
Users that are interested in NailaoLoader-Hiding-Execution-Flow are comparing it to the libraries listed below
Sorting:
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Updated 8 months ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆73Updated last month
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆59Updated 4 months ago
- ☆29Updated 8 months ago
- ☆93Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆45Updated 8 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆62Updated last year
- ☆100Updated 2 years ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆41Updated last year
- ☆38Updated 5 months ago
- ☆50Updated 3 months ago
- Windows AppLocker Driver (appid.sys) LPE☆66Updated last year
- Post-Ex BOF tooling for Hannibal☆24Updated 10 months ago
- Locate dlls and function addresses without PEB Walk and EAT parsing☆89Updated 2 months ago
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆62Updated 7 months ago
- A bunch of shenanigans using functions, VEH and more☆35Updated 4 months ago
- Shellcode Loader Utilizing ETW Events☆65Updated 7 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆44Updated last year
- BOF for C2 framework☆43Updated 11 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆122Updated last month
- Threadless shellcode injection tool☆67Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆30Updated 6 months ago
- Less sugar (entropy) for your binaries☆34Updated 3 weeks ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆83Updated 11 months ago
- ☆32Updated 6 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆23Updated 2 years ago
- Toolset to manipulate RPC clients by finding delayed services and masquerading as them☆94Updated last month
- A work in progress BOF/COFF loader in Rust☆50Updated 2 years ago
- Linux Sleep Obfuscation☆106Updated last year