memN0ps / arsenal-rs
Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust
☆248 Updated last year
Alternatives and similar repositories for arsenal-rs:
Users that are interested in arsenal-rs are comparing it to the libraries listed below
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom) ☆334 Updated last year
- Dynamically invoke arbitrary unmanaged code ☆336 Updated 4 months ago
- Call stack spoofing for Rust ☆326 Updated last month
- Using fibers to run in-memory code. ☆205 Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for Windows. ☆209 Updated 2 years ago
- Threadless Process Injection through entry point hijacking ☆342 Updated 6 months ago
- Performing Indirect Clean Syscalls ☆521 Updated last year
- Rust For Windows Cheatsheet ☆116 Updated 4 months ago
- ROP-based sleep obfuscation to evade memory scanners ☆334 Updated last month
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters. ☆266 Updated 7 months ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆273 Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques. ☆369 Updated last year
- Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. ☆229 Updated last year
- TartarusGate, Bypassing EDRs ☆570 Updated 3 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre) ☆241 Updated 8 months ago
- Shellcode loader designed for evasion. Coded in Rust. ☆125 Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆323 Updated 7 months ago
- Encrypted shellcode Injection to avoid Kernel triggered memory scans ☆365 Updated last year
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆203 Updated 2 years ago
- Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists ☆423 Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆335 Updated last month
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a… ☆372 Updated last year
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls ☆180 Updated last year
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess) ☆471 Updated 2 years ago
- Process Injection using Thread Name ☆250 Updated 6 months ago
- Apply a divide and conquer approach to bypass EDRs ☆279 Updated last year
- WTSRM ☆209 Updated 2 years ago
- Some POCs for my BYOVD research and find some vulnerable drivers ☆183 Updated 6 months ago
- ☆254 Updated last year
- Experimental Windows x64 Kernel Rootkit with anti-rootkit evasion features. ☆527 Updated 2 weeks ago