nnsee / fileless-elf-exec
Execute ELF files without dropping them on disk
☆491 · Updated 7 months ago
Alternatives and similar repositories for fileless-elf-exec:
Users that are interested in fileless-elf-exec are comparing it to the libraries listed below
- ulexecve is a userland execve() implementation which helps you execute arbitrary ELF binaries on Linux from userland without the binaries… ☆182 · Updated last year
- This repository includes code and IoCs that are the product of research done in Akamai's various security research teams. ☆487 · Updated 2 months ago
- a tool to help operate in EDRs' blind spots ☆705 · Updated 2 months ago
- A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another. ☆815 · Updated last year
- Convert shellcode into different formats! ☆347 · Updated 2 years ago
- PCAP visualization tool ☆103 · Updated last year
- Elf binary infector written in Go. ☆206 · Updated last month
- ☆410 · Updated 2 years ago
- A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others. ☆208 · Updated 2 years ago
- Arya is a unique tool that produces pseudo-malicious files meant to trigger YARA rules. You can think of it like a reverse YARA. ☆243 · Updated 2 years ago
- A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file form… ☆897 · Updated 8 months ago
- Aims to identify sleeping beacons ☆564 · Updated 2 months ago
- Heavily-modified fork of David Buchanan's dlinject project. Injects arbitrary assembly (or precompiled binary) payloads directly into x86… ☆122 · Updated 2 years ago
- Venom is a library that is meant to perform evasive communication using a stolen browser socket ☆376 · Updated last year
- Various ways to execute shellcode ☆482 · Updated 11 months ago
- Mythic C2 agent targeting Linux and Windows hosts written in Rust ☆329 · Updated 2 months ago
- Anti-virus artifacts. Listing APIs hooked by: Avira, BitDefender, F-Secure, MalwareBytes, Norton, TrendMicro, and WebRoot. ☆731 · Updated 3 years ago
- ☆740 · Updated last year
- Windows x64 handcrafted token stealing kernel-mode shellcode ☆505 · Updated 10 months ago
- Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by … ☆742 · Updated last year
- Local privilege escalation PoC for Linux kernel CVE-2022-1015 ☆203 · Updated 2 years ago
- nysm is a stealth post-exploitation container. ☆243 · Updated last year
- A memory-based evasion technique which makes shellcode invisible from process start to end. ☆1,167 · Updated last year
- ☆201 · Updated 3 months ago
- ☆298 · Updated last year
- Hide your payload in DNS ☆611 · Updated last year
- A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.ht… ☆633 · Updated 2 years ago
- eBPF hacks ☆182 · Updated 2 months ago
- Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock … ☆182 · Updated 4 months ago
- ICMP Reverse Shell written in Python 3 and with Scapy (backdoor/rev shell) ☆337 · Updated 6 months ago