ntdll0 / HVNCLinks
My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
☆26Updated 8 months ago
Alternatives and similar repositories for HVNC
Users that are interested in HVNC are comparing it to the libraries listed below
Sorting:
- Yandex browser passwords and credit-cards decryption algorithm☆20Updated 4 months ago
- Decrypting yandex browser passwords☆24Updated 4 months ago
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.☆169Updated 5 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆161Updated last week
- Injecting DLL into LSASS at boot☆135Updated 4 months ago
- LKM rootkit for modern kernels, with DNS C2 and a simple web interface☆73Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆162Updated last year
- Generic PE loader for fast prototyping evasion techniques☆235Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆180Updated 2 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- kernel-mode DLL Injector☆108Updated 4 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.☆73Updated last year
- Research into removing strings & API call references at compile-time (Anti-Analysis)☆27Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆43Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆97Updated 6 months ago
- Generate an Alphabetical Polymorphic Shellcode☆109Updated last week
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- A vulnerable driver exploited by me (BYOVD) that is capable of terminating several EDRs and antivirus software in the market, rendering t…☆99Updated 8 months ago
- Malware?☆74Updated 10 months ago
- "Service-less" driver loading☆159Updated 9 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆143Updated last year
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆280Updated last year
- Encode shellcode into dictionary words for evasion and entropy reduction☆27Updated 9 months ago
- TypeLib persistence technique☆127Updated 10 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆77Updated last year
- Shellcode loader☆92Updated 9 months ago
- Nim process hollowing loader☆59Updated last month
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆22Updated 3 months ago
- ☆37Updated last year
- C2 Agent fully PIC for Mythic with advanced evasion capabilities, dotnet/powershell/shellcode/bof memory executions, lateral moviments, p…☆142Updated this week