SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the process of constructing and utilizing structures, assigning variables, and making system calls. With this tool, integrating strings into your shellcode and initializing Unicode strings has never been easier.
☆154Aug 4, 2025Updated 7 months ago
Alternatives and similar repositories for shellsilo
Users that are interested in shellsilo are comparing it to the libraries listed below
Sorting:
- ☆108Aug 21, 2024Updated last year
- A collection of position independent coding resources☆109Nov 15, 2025Updated 4 months ago
- PoC module to demonstrate automated lateral movement with the Havoc C2 framework.☆309Dec 9, 2023Updated 2 years ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆592Jun 12, 2024Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post☆239Nov 7, 2024Updated last year
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- Windows Administrator level Implant.☆50Sep 28, 2024Updated last year
- This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe process. Once the clone…☆216Oct 19, 2024Updated last year
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- Inject RDPThief into memory with PowerShell.☆65Jan 21, 2025Updated last year
- various methods of making API calls☆19Feb 1, 2025Updated last year
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- A BOF that runs unmanaged PEs inline☆685Oct 23, 2024Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end.☆1,198Oct 16, 2023Updated 2 years ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- A new technique that can be used to bypass memory scanners. This can be useful in hiding problematic code (such as reflective loaders imp…☆343Oct 7, 2024Updated last year
- A more reliable way of resolving syscall numbers in Windows☆54Feb 12, 2024Updated 2 years ago
- Dump lsass using only NTAPI functions creating 3 JSON and 1 ZIP file... and generate the MiniDump file later!☆541May 9, 2025Updated 10 months ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated last year
- Cobalt Strike + Brute Ratel C4 Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique☆158Nov 7, 2023Updated 2 years ago
- Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)☆263Jun 29, 2024Updated last year
- A Python POC for CRED1 over SOCKS5☆165Oct 5, 2024Updated last year
- Evasive shellcode loader☆400Oct 17, 2024Updated last year
- ApexLdr is a DLL Payload Loader written in C☆117Jul 17, 2024Updated last year
- Abusing Windows fork API and OneDrive.exe process to inject the malicious shellcode without allocating new RWX memory region.☆290May 27, 2024Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- load shellcode without P/D Invoke and VirtualProtect call.☆169Sep 2, 2025Updated 6 months ago
- ☆126Sep 1, 2024Updated last year
- ☆342Nov 10, 2025Updated 4 months ago
- The code is a pingback to the Dark Vortex blog:☆186Jan 26, 2023Updated 3 years ago
- A tunneling toolkit enabling operators to move data from one place to another evasively.☆77Nov 3, 2025Updated 4 months ago
- lsassdump via RtlCreateProcessReflection and NanoDump☆86Oct 18, 2024Updated last year
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆283Apr 6, 2025Updated 11 months ago
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆250Jun 11, 2024Updated last year
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆542Feb 13, 2024Updated 2 years ago
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths☆361Aug 11, 2024Updated last year
- Run native PE or .NET executables entirely in-memory. Build the loader as an .exe or .dll—DllMain is Cobalt Strike UDRL-compatible☆271Jun 18, 2025Updated 9 months ago