memN0ps / arsenal-rs
Rusty Arsenal - A collection of experimental Process Injection and Post-Exploitation Techniques in Rust
☆246 Updated last year
Alternatives and similar repositories for arsenal-rs:
Users that are interested in arsenal-rs are comparing it to the libraries listed below
- Rusty Injection - Shellcode Reflective DLL Injection (sRDI) in Rust (Codename: Venom) ☆333 Updated last year
- Dynamically invoke arbitrary unmanaged code ☆334 Updated 3 months ago
- Call stack spoofing for Rust ☆324 Updated last month
- Using fibers to run in-memory code. ☆203 Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for Windows. ☆207 Updated last year
- Threadless Process Injection through entry point hijacking ☆342 Updated 6 months ago
- Performing Indirect Clean Syscalls ☆517 Updated last year
- ROP-based sleep obfuscation to evade memory scanners ☆332 Updated last month
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre) ☆239 Updated 8 months ago
- Rust For Windows Cheatsheet ☆115 Updated 4 months ago
- Shellcode loader designed for evasion. Coded in Rust. ☆125 Updated 2 years ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths ☆322 Updated 7 months ago
- Template-based shellcode packer written in Rust, with indirect syscall support. Made with <3 for pentesters. ☆265 Updated 7 months ago
- C++ self-Injecting dropper based on various EDR evasion techniques. ☆366 Updated last year
- Encrypted shellcode Injection to avoid Kernel triggered memory scans ☆365 Updated last year
- BOF implementation of @_EthicalChaos_'s ThreadlessInject project. A novel process injection technique with no thread creation, released a… ☆371 Updated last year
- A COFF loader made in Rust ☆282 Updated 5 months ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess) ☆472 Updated 2 years ago
- LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. ☆272 Updated last year
- WTSRM ☆209 Updated 2 years ago
- ☆253 Updated last year
- Revenant - A 3rd party agent for Havoc that demonstrates evasion techniques in the context of a C2 framework ☆373 Updated 7 months ago
- TartarusGate, Bypassing EDRs ☆567 Updated 3 years ago
- Reduce Entropy And Obfuscate Your Payload With Serialized Linked Lists ☆419 Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region. ☆277 Updated 9 months ago
- Native Syscalls Shellcode Injector ☆264 Updated last year
- miscellaneous scripts and programs ☆235 Updated last month
- Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak ☆202 Updated 2 years ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP. ☆656 Updated last year
- Process Injection using Thread Name ☆248 Updated 6 months ago