Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution
☆130Dec 24, 2025Updated 2 months ago
Alternatives and similar repositories for IRvana
Users that are interested in IRvana are comparing it to the libraries listed below
Sorting:
- Beacon Debugger☆55Oct 28, 2024Updated last year
- A set of LLVM and GCC based plugins that perform code obfuscation.☆140Oct 20, 2025Updated 4 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆125Dec 6, 2024Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆249Sep 8, 2024Updated last year
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆122Sep 8, 2024Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆264Aug 31, 2025Updated 6 months ago
- SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.☆309Feb 16, 2026Updated 2 weeks ago
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆283Sep 18, 2024Updated last year
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆79Jul 25, 2025Updated 7 months ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆73Apr 13, 2025Updated 10 months ago
- A reflective DLL development template for the Rust programming language☆115Nov 4, 2025Updated 4 months ago
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- ☆51May 4, 2025Updated 10 months ago
- ☆18Jun 16, 2025Updated 8 months ago
- A rust proof of concept to demonstrate registry overwriting via RegRestoreKey using the Offline Registry Library☆24Nov 13, 2025Updated 3 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆30Sep 24, 2025Updated 5 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆42Aug 6, 2024Updated last year
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆34Jun 23, 2024Updated last year
- shell code example☆68Dec 12, 2025Updated 2 months ago
- An example reference design for a proposed BOF PE☆201Jan 23, 2026Updated last month
- BOF to decrypt Signal Desktop chat logs☆70Feb 20, 2025Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- CreateRemoteThreadPlus: how to pass multiple parameters to the remote thread function without shellcode.☆138Jul 10, 2025Updated 7 months ago
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆31Feb 19, 2026Updated 2 weeks ago
- An example of an external LLVM plugin module transform pass for the latest versions.☆14Oct 21, 2025Updated 4 months ago
- DorkTerm is a terminal-themed web-based security tool designed to assist security researchers in performing Google Dork queries efficient…☆16Jan 25, 2026Updated last month
- Finding Truth in the Shadows☆123Jan 26, 2023Updated 3 years ago
- A BOF to retrieve decryption keys for WhatsApp Desktop and a utility script to decrypt the databases.☆87Mar 2, 2025Updated last year
- A cross-platform C++ framework for building Windows shellcode☆161Updated this week
- Win32 keylogger that supports all (non-ime using) languages correctly☆53Dec 21, 2023Updated 2 years ago
- A sophisticated, covert Windows-based credential dumper using C++ and MASM x64.☆443Jul 8, 2024Updated last year
- Reverse engineering winapi function loadlibrary.☆237Apr 17, 2023Updated 2 years ago
- Generate Secure, Polymorphic, Evasive (lol) Payloads☆30Oct 2, 2025Updated 5 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆85Aug 13, 2024Updated last year
- A powerful shell script for creating custom WSL (Windows Subsystem for Linux) distributions with embedded payloads.☆71Nov 16, 2025Updated 3 months ago
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆187Oct 29, 2025Updated 4 months ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆326Oct 20, 2025Updated 4 months ago