nbaertsch / nimvoke
Indirect syscalls + DInvoke made simple.
☆90Updated 2 months ago
Alternatives and similar repositories for nimvoke:
Users that are interested in nimvoke are comparing it to the libraries listed below
- Writing Nimless Nim - Slides and source for BSIDESKC 2024 talk.☆78Updated 9 months ago
- malware written for educational purposes☆64Updated 4 months ago
- Sleep obfuscation for shellcode implants and their reflective shit☆51Updated last year
- NimReflectiveLoader is a Nim-based tool for in-memory DLL execution using Reflective DLL Loading.☆26Updated last year
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆149Updated 2 months ago
- PoC XLL builder in Python/Nim☆44Updated 2 years ago
- Just another C2 Redirector using CloudFlare. Support multiple C2 and multiple domains. Support for websocket listener.☆118Updated this week
- Construct the payload at runtime using an array of offsets☆62Updated 8 months ago
- Simple EDR that injects a DLL into a process to place a hook on specific Windows API☆90Updated last year
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 8 months ago
- Adversary Emulation Framework☆91Updated 7 months ago
- a port of privkit bof for havoc☆23Updated last year
- Threadless shellcode injection tool☆63Updated 7 months ago
- D/Invoke implementation in Nim☆100Updated 2 years ago
- Find DLLs with RWX section☆76Updated last year
- Sample Rust Hooking Engine☆36Updated 11 months ago
- A collection of position independent coding resources☆66Updated 3 weeks ago
- ☆95Updated last month
- Windows Thread Pool Injection Havoc Implementation☆28Updated 11 months ago
- ☆108Updated 3 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated last year
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆107Updated 2 months ago
- ☆39Updated 2 years ago
- ☆123Updated 6 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆38Updated 8 months ago
- ☆61Updated 9 months ago