naksyn/ModuleShifting external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

naksyn/ModuleShifting

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/naksyn/ModuleShifting)

Close

naksyn / ModuleShiftingView on GitHubMore

• External links
• Readme badge

Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes

☆133Sep 27, 2023Updated 2 years ago

Alternatives and similar repositories for ModuleShifting

Users that are interested in ModuleShifting are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• x0reaxeax / PageSplit

  View on GitHub
  Splitting and executing shellcode across multiple pages
  ☆105Jun 8, 2023Updated 2 years ago
• CognisysGroup / SweetDreams

  View on GitHub
  Implementation of Advanced Module Stomping and Heap/Stack Encryption
  ☆227Jul 25, 2023Updated 2 years ago
• lap1nou / CLR_Heap_encryption

  View on GitHub
  ☆103Oct 7, 2023Updated 2 years ago
• susMdT / effective-waffle

  View on GitHub
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69May 11, 2023Updated 3 years ago
• kleiton0x00 / Proxy-DLL-Loads

  View on GitHub
  A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.
  ☆412Jan 11, 2026Updated 4 months ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• S3cur3Th1sSh1t / Ruy-Lopez

  View on GitHub
  ☆321Jun 28, 2023Updated 2 years ago
• BlackSnufkin / NovaLdr

  View on GitHub
  Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
  ☆267Jun 29, 2024Updated last year
• securifybv / BOFRyptor

  View on GitHub
  ☆124Oct 9, 2023Updated 2 years ago
• CognisysGroup / HadesLdr

  View on GitHub
  Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2
  ☆295Jul 15, 2023Updated 2 years ago
• CymulateResearch / Blindside

  View on GitHub
  Utilizing hardware breakpoints to evade monitoring by Endpoint Detection and Response platforms
  ☆140Dec 20, 2022Updated 3 years ago
• Octoberfest7 / enumhandles_BOF

  View on GitHub
  ☆127Sep 1, 2024Updated last year
• WKL-Sec / dcomhijack

  View on GitHub
  Lateral Movement Using DCOM and DLL Hijacking
  ☆326Jun 18, 2023Updated 2 years ago
• JanielDary / ImmoralFiber

  View on GitHub
  Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…
  ☆286Sep 18, 2024Updated last year
• ElliotKillick / LdrLockLiberator

  View on GitHub
  For when DLLMain is the only way
  ☆436Oct 29, 2024Updated last year
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• maliciousgroup / RDI-SRDI

  View on GitHub
  This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".
  ☆88Apr 11, 2023Updated 3 years ago
• VoldeSec / PatchlessCLRLoader

  View on GitHub
  .NET assembly loader with patchless AMSI and ETW bypass
  ☆380Apr 19, 2023Updated 3 years ago
• kyleavery / pendulum

  View on GitHub
  Linux Sleep Obfuscation
  ☆117Jan 7, 2024Updated 2 years ago
• zimnyaa / inmembof.py

  View on GitHub
  A small example of loading BOFs in Python with pure reflection
  ☆19Jan 26, 2023Updated 3 years ago
• zimnyaa / noWatch

  View on GitHub
  Implant drop-in for EDR testing
  ☆148Nov 15, 2023Updated 2 years ago
• OtterHacker / SetProcessInjection

  View on GitHub
  ☆156Oct 2, 2023Updated 2 years ago
• kyleavery / AceLdr

  View on GitHub
  Cobalt Strike UDRL for memory scanner evasion.
  ☆1,015Jun 4, 2024Updated last year
• reveng007 / DarkWidow

  View on GitHub
  Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …
  ☆799Jan 26, 2026Updated 3 months ago
• S3cur3Th1sSh1t / Caro-Kann

  View on GitHub
  Encrypted shellcode Injection to avoid Kernel triggered memory scans
  ☆415Sep 12, 2023Updated 2 years ago
• Wordpress hosting with auto-scaling - Free Trial Offer • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• Kudaes / EPI

  View on GitHub
  Threadless Process Injection through entry point hijacking
  ☆353Sep 10, 2024Updated last year
• naksyn / DojoLoader

  View on GitHub
  Generic PE loader for fast prototyping evasion techniques
  ☆246Jul 2, 2024Updated last year
• LloydLabs / shellcode-plain-sight

  View on GitHub
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆211Nov 12, 2025Updated 6 months ago
• waldo-irc / YouMayPasser

  View on GitHub
  You shall pass
  ☆270Jul 16, 2022Updated 3 years ago
• Dec0ne / DllNotificationInjection

  View on GitHub
  A POC of a new “threadless” process injection technique that works by utilizing the concept of DLL Notification Callbacks in local and re…
  ☆469Aug 23, 2023Updated 2 years ago
• weaselsec / ClickOnce-AppDomain-Manager-Injection

  View on GitHub
  Click Once + App Domain
  ☆67Feb 23, 2026Updated 2 months ago
• rad9800 / misc

  View on GitHub
  miscellaneous scripts and programs
  ☆285May 13, 2026Updated last week
• hlldz / misc

  View on GitHub
  miscellaneous codes
  ☆38Sep 24, 2023Updated 2 years ago
• SolomonSklash / SleepyCrypt

  View on GitHub
  A shellcode function to encrypt a running process image when sleeping.
  ☆340Sep 11, 2021Updated 4 years ago
• GPU virtual machines on DigitalOcean Gradient AI • Ad
  Get to production fast with high-performance AMD and NVIDIA GPUs you can spin up in seconds. The definition of operational simplicity.
• susMdT / LoudSunRun

  View on GitHub
  Stack Spoofing with Synthetic frames based on the work of namazso, SilentMoonWalk, and VulcanRaven
  ☆268Oct 16, 2024Updated last year
• ipSlav / DirtyCLR

  View on GitHub
  An App Domain Manager Injection DLL PoC on steroids
  ☆213Dec 14, 2023Updated 2 years ago
• x42en / sysplant

  View on GitHub
  Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP
  ☆130May 11, 2026Updated last week
• Cobalt-Strike / CallStackMasker

  View on GitHub
  A PoC implementation for dynamically masking call stacks with timers.
  ☆311Feb 13, 2023Updated 3 years ago
• outflanknl / unmanaged-dotnet-patch

  View on GitHub
  Modify managed functions from unmanaged code
  ☆53Feb 1, 2024Updated 2 years ago
• Cracked5pider / KaynLdr

  View on GitHub
  KaynLdr is a Reflective Loader written in C/ASM
  ☆553Dec 3, 2023Updated 2 years ago
• xforcered / BOFMask

  View on GitHub
  ☆128Jun 28, 2023Updated 2 years ago