Loader Pre-Technology, Main thread hijacking without using API, get ntdll and kernel32 handle without peb. 加载器前置技术,不使用API进行主线程劫持,不使用PEB获取ntdll和kernel32的地址。
☆91Jul 26, 2025Updated 7 months ago
Alternatives and similar repositories for NTR_loader
Users that are interested in NTR_loader are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Get sql server connection configuration information☆28Aug 26, 2024Updated last year
- EventViewer Bypass Uac Bof☆23Jul 23, 2022Updated 3 years ago
- 重构Beacon☆165Aug 19, 2024Updated last year
- Resolve the issue of DLLmain function in white and black DLLs hanging when calling shellcode☆203May 28, 2024Updated last year
- 主要用于隐藏进程真实路径,进程带windows真签名☆119Oct 15, 2024Updated last year
- 在线安软识别☆12Aug 6, 2025Updated 7 months ago
- 复现《EDR的梦魇:Storm-0978使用新型内核注入技术“Step Bear”》☆161Oct 27, 2024Updated last year
- This is the tool to dump the LSASS process on modern Windows 11☆563Nov 1, 2025Updated 4 months ago
- 自动化找白文件,用于扫描 EXE 文件的导入表,列出导入的DLL文件,并筛选出非系统DLL,符合条件的文件将被复制到特定的 X64 或 X86 文件夹☆565Dec 14, 2025Updated 3 months ago
- 批量处理url链接,获取多级路径并打印☆46Jul 12, 2023Updated 2 years ago
- ☆19Jan 25, 2024Updated 2 years ago
- 通过Dump内存读取ToDesk设备代码、连接密码☆243Sep 9, 2024Updated last year
- 寻找可利用的白文件☆559Aug 18, 2025Updated 7 months ago
- A tool written in golang which compress using UPX and patch it with the provided PE file to make "UPX -d" flag impossible to decompress a…☆31Jan 2, 2025Updated last year
- ☆12Nov 17, 2024Updated last year
- Bypass YARA rule Windows_Trojan_CobaltStrike_f0b627fc by generating alternative shellcode sequences.☆53Oct 2, 2025Updated 5 months ago
- Visual Studio .suo文件反序列化漏洞利用工具☆17Jun 28, 2025Updated 8 months ago
- PoC for a Havoc agent/handler setup with all C2 traffic routed through GitHub. No direct connections: all commands and responses are rela…☆45Jul 9, 2025Updated 8 months ago
- Stealthy Payload loader with Anti-EDR Capabilities☆135Apr 21, 2025Updated 11 months ago
- 一种通过进程注入实现强制关闭部分杀软进程的方法(以360安全卫士和360杀毒为例)☆138Dec 26, 2023Updated 2 years ago
- 利用RPC服务,批量探测内网Windows出网情况☆126Mar 20, 2022Updated 4 years ago
- Next Generation C2 Framework, IoM-server/client☆433Updated this week
- 集成了截图 键盘记录 剪贴版功能,用于网络限制场景下的信息搜集☆89May 18, 2024Updated last year
- 利用EFSRPC协议批量探测出网☆67Oct 12, 2023Updated 2 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆28Jan 4, 2024Updated 2 years ago
- grs内网穿透工具通过reality协议隐藏特征☆613Dec 4, 2025Updated 3 months ago
- Zerologon exploit with restore DC password automatically☆145Mar 15, 2024Updated 2 years ago
- 一款基于PE Patch技术的后渗透免杀工具,主要支持x64☆355Mar 5, 2025Updated last year
- ☆50Jul 9, 2025Updated 8 months ago
- 基于 OPSEC 的 CobaltStrike 后渗透自动化链☆451Mar 11, 2024Updated 2 years ago
- Load CLR to get RWX 通过加载clr在自身内存中产生rwx空间☆22Sep 28, 2022Updated 3 years ago
- 使用Visral Studio开发ShellCode☆239Oct 11, 2023Updated 2 years ago
- 利用阿里云oss对象存储,来转发http流量实现(cs)Cobalt Strike、msf 上线等 这之间利用阿里云的相关域名进行通信。☆169Jan 12, 2023Updated 3 years ago
- ☆456Aug 27, 2024Updated last year
- 收集云沙箱上线C2的ip,如微X、奇XX、3X0、virustX等☆125Oct 23, 2023Updated 2 years ago
- Nacos JRaft Hessian 反序列化 RCE 加载字节码 注入内存马 不出网利用☆847Jul 7, 2023Updated 2 years ago
- Mssql利用工具☆277Aug 7, 2023Updated 2 years ago
- 一款使用rust开发的高性能正反向隧道代理工具,基于多路复用技术。☆347Jun 19, 2025Updated 9 months ago
- 基于个人习惯使用C/C++的shellcode开发项目模�板☆50Aug 20, 2024Updated last year