Linux Process Injection via Seccomp Notifier
☆96Dec 9, 2025Updated 5 months ago
Alternatives and similar repositories for seccomp-notify-injection
Users that are interested in seccomp-notify-injection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 9 months ago
- A small experiment on assigning a processes threads a specific CPU and then blocking it with a high priority thread☆33Sep 24, 2025Updated 8 months ago
- Windows Session Hijacking via COM☆347Dec 13, 2025Updated 5 months ago
- Demonstrates consuming from a SecurityTrace ETW session by consuming from the Threat-Intelligence ETW provider without a driver or PPL pr…☆78Jan 19, 2026Updated 4 months ago
- Proof-of-concept code for understanding the allow-jit entitlement on macOS☆31Feb 19, 2026Updated 3 months ago
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆69Jan 5, 2026Updated 4 months ago
- sigreturn-oriented(SROP) based sleep obfuscation poc for Linux☆69Dec 15, 2025Updated 5 months ago
- ☆34Sep 12, 2024Updated last year
- Help red teams find opsec processes during engagements☆44Dec 7, 2024Updated last year
- Post-Ex BOF tooling for Hannibal☆24Nov 20, 2024Updated last year
- Library of BOFs to interact with SQL servers☆16Dec 6, 2024Updated last year
- A reflective DLL development template for the Rust programming language☆119Nov 4, 2025Updated 6 months ago
- Linux Shared Library to Shellcode Loader☆97Feb 15, 2026Updated 3 months ago
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆135Jan 28, 2026Updated 3 months ago
- GPUs on demand by Runpod - Special Offer Available • AdRun AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 9 months ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated last year
- tests to catch some sloppy hv impls☆36Mar 16, 2026Updated 2 months ago
- A cross-platform C++ framework for building Windows shellcode☆176Apr 21, 2026Updated last month
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a…☆97Jul 7, 2025Updated 10 months ago
- An App Domain Manager Injection DLL PoC on steroids☆214Dec 14, 2023Updated 2 years ago
- Host CLR and run .NET binaries using Rust☆154Dec 23, 2025Updated 5 months ago
- Exploitation of CVE-2025-29969☆67Feb 20, 2026Updated 3 months ago
- Dumping App Bound Protected Credentials & Cookies Without Privileges.☆167May 28, 2025Updated 11 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- A collection of sample code used in some experiments with Sliver C2☆17Mar 28, 2023Updated 3 years ago
- Hooking KPRCB IdlePreselect function to gain execution inside PID 0.☆80Apr 13, 2025Updated last year
- Stack integrity verification to Detect SleepMask or CallStack Spoofer☆54Jul 13, 2025Updated 10 months ago
- find dll base addresses without PEB WALK☆163Jul 13, 2025Updated 10 months ago
- An insecurely implemented and installed Windows service for emulating elevation of privileges vulnerabilities☆68Aug 25, 2022Updated 3 years ago
- Havoc C2 BOF port of the KslD.sys BYOVD technique. Credential extraction from lsass via physical memory — no OpenProcess, no auditable AP…☆108Apr 22, 2026Updated last month
- A modern Rust implementation of the original Stardust project, providing a sophisticated 32/64-bit shellcode template that features posit…☆62Mar 17, 2025Updated last year
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆84Nov 6, 2025Updated 6 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆204Jun 17, 2025Updated 11 months ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Self-mutating macOS implant☆135Apr 18, 2026Updated last month
- ☆48Feb 12, 2026Updated 3 months ago
- ☆103Jan 21, 2025Updated last year
- Beacon Object File (BOF) Template☆88Mar 9, 2026Updated 2 months ago
- PoC to coerce authentication from Windows hosts using MS-WSP☆307Sep 7, 2023Updated 2 years ago
- Basic Psexec clone, but in golang.☆17Jul 2, 2022Updated 3 years ago
- InlineExecute-Assembly is a proof of concept Beacon Object File (BOF) that allows security professionals to perform in process .NET assem…☆751Jul 22, 2023Updated 2 years ago