Linux Process Injection via Seccomp Notifier
☆95Dec 9, 2025Updated 6 months ago
Alternatives and similar repositories for seccomp-notify-injection
Users that are interested in seccomp-notify-injection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bypass user-land hooks by syscall tampering via the Trap Flag☆140Aug 25, 2025Updated 10 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 9 months ago
- Windows Session Hijacking via COM☆350Dec 13, 2025Updated 6 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆79Jan 19, 2026Updated 5 months ago
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆33Feb 19, 2026Updated 4 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 5 months ago
- sigreturn-oriented(SROP) based sleep obfuscation poc for Linux☆70Dec 15, 2025Updated 6 months ago
- ☆35Sep 12, 2024Updated last year
- Help red teams find opsec processes during engagements☆44Dec 7, 2024Updated last year
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- A reflective DLL development template for the Rust programming language☆121Nov 4, 2025Updated 8 months ago
- Linux Shared Library to Shellcode Loader☆98Feb 15, 2026Updated 4 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 10 months ago
- Serverless GPU API endpoints on Runpod - Get Bonus Credits • AdSkip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆139Jan 28, 2026Updated 5 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆45Apr 6, 2025Updated last year
- A cross-platform C++ framework for building Windows shellcode☆179Apr 21, 2026Updated 2 months ago
- tests to catch some sloppy hv impls☆36Mar 16, 2026Updated 3 months ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆98Jul 7, 2025Updated 11 months ago
- An App Domain Manager Injection DLL PoC on steroids☆214Dec 14, 2023Updated 2 years ago
- Host CLR and run .NET binaries using Rust☆155Dec 23, 2025Updated 6 months ago
- Dumping App Bound Protected Credentials & Cookies Without Privileges.☆167May 28, 2025Updated last year
- Exploitation of CVE-2025-29969☆66Feb 20, 2026Updated 4 months ago
- Virtual machines for every use case on DigitalOcean • AdGet dependable uptime with 99.99% SLA, simple security tools, and predictable monthly pricing with DigitalOcean's virtual machines, called Droplets.
- A collection of sample code used in some experiments with Sliver C2☆17Mar 28, 2023Updated 3 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆81Apr 13, 2025Updated last year
- Stack integrity verification to Detect SleepMask or CallStack Spoofer☆54Jul 13, 2025Updated 11 months ago
- find dll base addresses without PEB WALK☆169Jul 13, 2025Updated 11 months ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆68Aug 25, 2022Updated 3 years ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆111Apr 22, 2026Updated 2 months ago
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆64Mar 17, 2025Updated last year
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆88Nov 6, 2025Updated 7 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆205Jun 17, 2025Updated last year
- End-to-end encrypted cloud storage - Proton Drive • AdSpecial offer: 40% Off Yearly / 80% Off First Month. Protect your most important files, photos, and documents from prying eyes.
- Self-mutating macOS implant☆138Apr 18, 2026Updated 2 months ago
- Beacon Object File (BOF) Template☆95Mar 9, 2026Updated 3 months ago
- ☆104Jan 21, 2025Updated last year
- ☆51Feb 12, 2026Updated 4 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆305Sep 7, 2023Updated 2 years ago
- Basic Psexec clone, but in golang.☆17Jul 2, 2022Updated 4 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆755Jul 22, 2023Updated 2 years ago