NoArgs is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go. This allows NoArgs to alter process arguments discreetly.
☆153May 7, 2024Updated 2 years ago
Alternatives and similar repositories for NoArgs
Users that are interested in NoArgs are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- An interactive shell to spoof some LOLBins command line☆187Jan 27, 2024Updated 2 years ago
- Admin to Kernel code execution using the KSecDD driver☆270Apr 19, 2024Updated 2 years ago
- A beacon object file implementation of PoolParty Process Injection Technique.☆452Dec 21, 2023Updated 2 years ago
- Hide your P/Invoke signatures through other people's signed assemblies☆213Mar 10, 2024Updated 2 years ago
- A BOF that runs unmanaged PEs inline☆702Oct 23, 2024Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆288Apr 6, 2025Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 5 months ago
- .net config loader☆352Nov 9, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆66Mar 19, 2024Updated 2 years ago
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆326Apr 12, 2024Updated 2 years ago
- Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution☆201May 29, 2025Updated last year
- comprehensive .NET tool designed to extract and display detailed information about Windows Defender exclusions and Attack Surface Reducti…☆211Jun 10, 2024Updated 2 years ago
- Various one-off pentesting projects written in Nim. Updates happen on a whim.☆159May 25, 2026Updated last month
- A Powershell AMSI Bypass technique via Vectored Exception Handler (VEH). This technique does not perform assembly instruction patching, f…☆176May 30, 2024Updated 2 years ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Lockless BOF☆79May 2, 2025Updated last year
- Local & remote Windows DLL Proxying☆173Jun 17, 2024Updated 2 years ago
- Version 2 - A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders …☆102Mar 27, 2025Updated last year
- Lifetime AMSI bypass by @ZeroMemoryEx ported to .NET Framework 4.8☆352Aug 29, 2024Updated last year
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆147Mar 16, 2024Updated 2 years ago
- ☆91May 15, 2024Updated 2 years ago
- Process injection alternative☆407Sep 6, 2024Updated last year
- Patching "signtool.exe" to accept expired certificates for code-signing.☆345Feb 2, 2026Updated 5 months ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Jul 12, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- Simulate the behavior of AV/EDR for malware development training.☆567Feb 15, 2024Updated 2 years ago
- Linux Sleep Obfuscation☆130Jan 7, 2024Updated 2 years ago
- A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfve…☆598Jun 12, 2024Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- Dump lsass using only NTAPI functions by hand-crafting Minidump files (without MiniDumpWriteDump!!!)☆740May 7, 2025Updated last year
- Modified versions of the Cobalt Strike Process Injection Kit☆108Jan 24, 2024Updated 2 years ago
- A proof of concept for abusing exception handlers to hook and bypass user mode EDR hooks.☆203Dec 27, 2023Updated 2 years ago
- ROP-based sleep obfuscation to evade memory scanners☆384Jun 22, 2025Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Amazing whoami alternatives☆141Mar 23, 2024Updated 2 years ago
- Small toolkit for extracting information and dumping sensitive strings from Windows processes☆116Jul 17, 2024Updated last year
- C++ self-Injecting dropper based on various EDR evasion techniques.☆441Feb 11, 2024Updated 2 years ago
- DCOM Lateral movement POC abusing the IMsiServer interface - uploads and executes a payload remotely☆383Dec 13, 2024Updated last year
- ☆180Mar 27, 2023Updated 3 years ago
- Library of BOFs to interact with SQL servers☆242Dec 3, 2025Updated 7 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆311Jul 31, 2024Updated last year