ntdll0 / HVNC
My POC implementation of HVNC (Hidden VNC / Hidden Desktop)
β20Updated 3 months ago
Alternatives and similar repositories for HVNC:
Users that are interested in HVNC are comparing it to the libraries listed below
- Fud Runpe Av Evasion / All Av Bypassβ32Updated 2 years ago
- π‘οΈ A multi-user malleable C2 framework targeting Windows. Written in C++ and Pythonβ44Updated last year
- Indirect Syscall implementation to bypass userland NTAPIs hooking.β73Updated 7 months ago
- Classic Process Injection with Memory Evasion Techniques implemantationβ68Updated last year
- LKM rootkit for modern kernels, with DNS C2 and a simple web interfaceβ64Updated 2 weeks ago
- Research into removing strings & API call references at compile-time (Anti-Analysis)β25Updated 9 months ago
- Shellcode Loader Utilizing ETW Eventsβ60Updated last month
- Implementing the ghostly hollowing PE injection technique using tampered syscalls.β140Updated 3 weeks ago
- TypeLib persistence techniqueβ108Updated 5 months ago
- Malware?β69Updated 5 months ago
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secuβ¦β41Updated 10 months ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.β90Updated 9 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Executionβ42Updated 8 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.β61Updated last year
- shellcode loader that uses indirect syscalls written in D Lang The loader bypasses user-mode hooks by resolving system calls manually froβ¦β9Updated 6 months ago
- It was a great run, but everything must come to an end. Please donβt contact me. Before I go, hereβs a final gift :)β19Updated last week
- UAC Bypass via CMUACUtil & PEB Enumeration, Undetected for now.β46Updated 10 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhoggβ46Updated last year
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.β72Updated last year
- a demo module for the kaine agent to execute and inject assembly modulesβ38Updated 7 months ago
- Transparently call NTAPI via Halo's Gate with indirect syscalls.β11Updated 11 months ago
- Cobaltstrike Reflective Loader with Synthetic Stackframeβ102Updated 2 months ago
- Shellcode loaderβ77Updated 4 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.β106Updated last year
- stack spoofingβ80Updated 4 months ago
- early cascade injection PoC based on Outflanks blog post, in rustβ56Updated 4 months ago
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryptionβ83Updated 2 years ago
- β36Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.β72Updated last month
- β27Updated 3 months ago