Next gen process injection technique
☆55Jul 9, 2020Updated 5 years ago
Alternatives and similar repositories for StackBombing
Users that are interested in StackBombing are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- a stage1 DLL loader with sleep obfuscation☆36Dec 27, 2022Updated 3 years ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆143Apr 6, 2025Updated last year
- GhostWriting Injection Technique.☆201Mar 26, 2018Updated 8 years ago
- Malware?☆75Oct 26, 2025Updated 7 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Reverse engineering winapi function loadlibrary.☆244Apr 17, 2023Updated 3 years ago
- In-memory hiding technique☆64Jan 5, 2025Updated last year
- PoC for DEF CON 26: Playing Malware Injection with Exploit thoughts☆25Aug 17, 2018Updated 7 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 4 years ago
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆469Aug 23, 2023Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆377May 24, 2022Updated 4 years ago
- Use hardware breakpoint to dynamically change SSN in run-time☆280Apr 10, 2024Updated 2 years ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆290Jan 21, 2024Updated 2 years ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated 2 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- 自定义函数堆栈,从而绕过ETW检测,这个是完整版。☆15Apr 15, 2024Updated 2 years ago
- A collection of position independent coding resources☆119Nov 15, 2025Updated 6 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated 4 months ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆390Oct 8, 2024Updated last year
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆21Dec 3, 2024Updated last year
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆126Feb 13, 2023Updated 3 years ago
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆188Aug 2, 2023Updated 2 years ago
- kernel callback removal (Bypassing EDR Detections)☆221Nov 14, 2025Updated 6 months ago
- End-to-end encrypted email - Proton Mail • AdSpecial offer: 40% Off Yearly / 80% Off First Month. All Proton services are open source and independently audited for security.
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆11Nov 24, 2023Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆75Feb 11, 2024Updated 2 years ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆268Oct 16, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆411Jan 11, 2026Updated 4 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated last year
- AI-based implant feature☆25Apr 28, 2025Updated last year
- Mockingjay process self injection POC☆51Aug 8, 2023Updated 2 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆572Apr 8, 2025Updated last year
- Experiment on reproducing Obfuscate & Sleep☆163Mar 14, 2021Updated 5 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Sleep Obfuscation☆835Dec 3, 2023Updated 2 years ago
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated last year
- Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich☆19Jun 29, 2024Updated last year
- Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP☆130Updated this week
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆328Jan 17, 2024Updated 2 years ago
- A more stealthy variant of "DLL hollowing"☆366Mar 8, 2024Updated 2 years ago
- Shellcode capable of bypassing EAF / IAF mitigations☆30Apr 11, 2023Updated 3 years ago