marpie / signed-loaders
signed-loaders documents Windows executables that can be used for side-loading DLLs.
☆67Updated 6 years ago
Alternatives and similar repositories for signed-loaders:
Users that are interested in signed-loaders are comparing it to the libraries listed below
- A demo of the relevant blog post: https://www.arashparsa.com/hook-heaps-and-live-free/☆184Updated 3 years ago
- Shellcode injection POC using syscalls.☆115Updated 4 years ago
- Example code for EDR bypassing☆150Updated 6 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript)☆33Updated 5 years ago
- Example code for using named pipe output with beacon ReflectiveDLLs☆113Updated 4 years ago
- Beacon Object File (BOF) Creation Helper☆225Updated 2 years ago
- ☆148Updated 4 years ago
- C# Shellcode Runner to execute shellcode via CreateRemoteThread and SetThreadContext to evade Get-InjectedThread☆119Updated 5 years ago
- Weaponizing for Arbitrary Files/Directories Delete bugs to Get NT AUTHORITY\SYSTEM☆122Updated 4 years ago
- CVE-2021-1732 poc & exp; tested on 20H2☆67Updated 3 years ago
- Privilege Escalation Via RpcSs svc☆176Updated 3 years ago
- A Collection of In-Memory Shellcode Execution Techniques for Windows☆147Updated 5 years ago
- Shellcode injector using direct syscalls☆119Updated 4 years ago
- PoC to demonstrate how CLR ETW events can be tampered.☆185Updated 4 years ago
- Collection of beacon object files for use with Cobalt Strike to facilitate 🐚.☆174Updated 4 years ago
- Pseudo-malicious usermode memory artifact generator kit designed to easily mimic the footprints left by real malware on an infected Windo…☆222Updated 11 months ago
- Hijack Printconfig.dll to execute shellcode☆97Updated 4 years ago
- Windows PE - TLS (Thread Local Storage) Injector in C/C++☆105Updated 4 years ago
- ☆112Updated 4 years ago
- Beacon.dll reverse☆139Updated 3 years ago
- my learning case about windows☆21Updated 3 years ago
- ☆50Updated 4 years ago
- CobaltStrike BOF - Inject ETW Bypass into Remote Process via Syscalls (HellsGate|HalosGate)☆277Updated 3 years ago
- use COM Object hijacking to maintain persistence.(Hijack CAccPropServicesClass and MMDeviceEnumerator)☆58Updated 7 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆211Updated 2 years ago
- ☆161Updated 3 years ago
- A simple C implementation to decoded your shellcode and writes it directly to memory☆94Updated 4 years ago
- Project to check which Nt/Zw functions your local EDR is hooking☆182Updated 3 years ago
- My CobaltStrike BOFS☆162Updated 2 years ago
- Manual Map DLL injection implemented with Cobalt Strike's Beacon Object Files.☆151Updated 4 years ago