mitjakolsek / EvilSlnLinks
A New Exploitation Technique for Visual Studio Projects
☆44Updated 2 years ago
Alternatives and similar repositories for EvilSln
Users that are interested in EvilSln are comparing it to the libraries listed below
Sorting:
- UAC Bypass using UIAccess program QuickAssist☆208Updated 2 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆269Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆288Updated last year
- Waiting Thread Hijacking - injection by overwriting the return address of a waiting thread☆262Updated 5 months ago
- Reflective DLL Injection Made Bella☆248Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆296Updated last year
- ( 0day ) Local Privilege Escalation in IObit Malware Fighter☆164Updated 10 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆282Updated 10 months ago
- Code execution/injection technique using DLL PEB module structure manipulation☆220Updated 8 months ago
- Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls☆214Updated 5 months ago
- The following two code samples can be used to understand the difference between direct syscalls and indirect syscalls☆225Updated 2 years ago
- ☆262Updated 7 months ago
- This is the loader that supports running a program with Protected Process Light (PPL) protection functionality.☆294Updated 3 months ago
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)☆79Updated last year
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆198Updated 7 months ago
- Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver☆152Updated 2 years ago
- PoC for thread pool based process injection in Windows.☆120Updated 10 months ago
- ☆281Updated last year
- find dll base addresses without PEB WALK☆157Updated 7 months ago
- Chrome COOKIE v20 decryption PoC☆224Updated 7 months ago
- POC exploit for CVE-2025-21333 heap-based buffer overflow. It leverages WNF state data and I/O ring IOP_MC_BUFFER_ENTRY☆226Updated 10 months ago
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆104Updated last year
- kernel callback removal (Bypassing EDR Detections)☆211Updated 2 months ago
- kernel-mode DLL Injector☆125Updated 9 months ago
- C2☆120Updated last month
- Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process☆286Updated 2 years ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆201Updated 2 months ago
- Injecting DLL into LSASS at boot☆156Updated 9 months ago
- A malware-analysis tool that identify the exact position and details of malicious content in binary files using external Anti-Virus scann…☆38Updated 2 years ago
- Exploitation of process killer drivers☆202Updated 2 years ago