nbaertsch / ShrikeLinks
Hunting and injecting RWX 'mockingjay' DLLs in pure nim
☆59Updated 10 months ago
Alternatives and similar repositories for Shrike
Users that are interested in Shrike are comparing it to the libraries listed below
Sorting:
- Proxy function calls through the thread pool with ease☆30Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆60Updated 11 months ago
- BOF for C2 framework☆44Updated 11 months ago
- ☆37Updated 6 months ago
- BOF to decrypt Signal Desktop chat logs☆73Updated 8 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆76Updated 2 months ago
- A BOF that suspends non-GUI threads for a target process or resumes them resulting in stealthy process silencing.☆56Updated 6 months ago
- Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆39Updated last year
- ☆47Updated 2 years ago
- macOS dylib stager☆36Updated 9 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆30Updated 6 months ago
- Sample Rust Hooking Engine☆36Updated last year
- Sniffing files generator☆59Updated 8 months ago
- Find jmp gadgets for call stack spoofing.☆61Updated 3 weeks ago
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆47Updated 3 months ago
- use python on windows with full submodule support without installation☆30Updated 9 months ago
- ☆38Updated 6 months ago
- A POC for developing BOFs for Sliver, Havoc, Cobalt Strike or most COFFLoaders in Rust.☆34Updated 2 months ago
- SharpExShell automates the DCOM lateral movment technique which abuses ActivateMicrosoftApp method of Excel application.☆74Updated last year
- rust port of pspy with support for process monitoring over dbus☆35Updated 4 months ago
- ☆60Updated last year
- Post-Ex BOF tooling for Hannibal☆24Updated 11 months ago
- A Rust PoC implementation of the Early Bird process hollowing technique, inspired by https://github.com/boku7/HOLLOW.☆30Updated 8 months ago
- remote process injections using pool party techniques☆66Updated 3 months ago
- ☆58Updated last year
- A pure C version of SymProcAddress☆30Updated last year
- Demoting PPL anti-malware services to less than a guest user☆63Updated 8 months ago
- Windows Thread Pool Injection Havoc Implementation☆32Updated last year
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆21Updated 8 months ago