Next gen process injection technique
☆54Jul 9, 2020Updated 5 years ago
Alternatives and similar repositories for StackBombing
Users that are interested in StackBombing are comparing it to the libraries listed below
Sorting:
- a stage1 DLL loader with sleep obfuscation☆36Dec 27, 2022Updated 3 years ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated 11 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- GeoWordlists is a tool to generate wordlists of passwords containing cities at a defined distance around the client city.☆11Nov 24, 2023Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- Malware?☆77Oct 26, 2025Updated 4 months ago
- Enable or Disable TokenPrivilege(s)☆15May 17, 2024Updated last year
- Use hardware breakpoint to dynamically change SSN in run-time☆279Apr 10, 2024Updated last year
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- GhostWriting Injection Technique.☆195Mar 26, 2018Updated 7 years ago
- Reverse engineering winapi function loadlibrary.☆233Apr 17, 2023Updated 2 years ago
- kernel callback removal (Bypassing EDR Detections)☆211Nov 14, 2025Updated 3 months ago
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- Shadow Rebirth - An Aggressive Outbreak Anti-Debugging Technique☆20Dec 3, 2024Updated last year
- Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls☆389Oct 8, 2024Updated last year
- A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…☆465Aug 23, 2023Updated 2 years ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆57Apr 14, 2025Updated 10 months ago
- A basic exemple of the API-Hashing method used by Red Teamers but also by malwares developers in C++☆37Jan 10, 2024Updated 2 years ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints☆121Jul 11, 2025Updated 7 months ago
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆287Jan 21, 2024Updated 2 years ago
- A variant of Gargoyle for x64 to hide memory artifacts using ROP only and PIC☆374May 24, 2022Updated 3 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆409Jan 11, 2026Updated last month
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆41Jul 9, 2023Updated 2 years ago
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆263Aug 31, 2025Updated 6 months ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Sleep Obfuscation☆816Dec 3, 2023Updated 2 years ago
- Improved version of EKKO by @5pider that Encrypts only Image Sections☆125Feb 13, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆23Apr 9, 2025Updated 10 months ago
- 2 PE Loader tools that load a PE from memory, decrypt it and make some magic things to execute seamlessly from memory☆50Nov 7, 2025Updated 3 months ago
- Example of using Sleep to create better named pipes.☆41Jul 25, 2023Updated 2 years ago
- WTSRM☆216Aug 7, 2022Updated 3 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆553Apr 8, 2025Updated 10 months ago
- Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven☆261Oct 16, 2024Updated last year
- Your syscall factory☆126Jan 13, 2026Updated last month
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time.☆323Jan 17, 2024Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆71Feb 11, 2024Updated 2 years ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Feb 6, 2026Updated 3 weeks ago
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year