Alternatives and similar repositories for ReflectiveLoader:

Users that are interested in ReflectiveLoader are comparing it to the libraries listed below

• outflanknl / macho-loader
  ☆67Updated 7 months ago
• 0x4d5a-ctf / 38c3_com_talk
  Slides for COM Hijacking AV/EDR Talk on 38c3
  ☆73Updated 3 months ago
• Dor00tkit / CVE-2024-30090
  CVE-2024-30090 - LPE PoC
  ☆106Updated 5 months ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated 8 months ago
• SafeBreach-Labs / MagicDot
  A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
  ☆98Updated 11 months ago
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆71Updated 2 weeks ago
• susMdT / ForsHops
  ForsHops
  ☆40Updated 3 weeks ago
• decoder-it / RelabelAbuse
  ☆61Updated 10 months ago
• JanielDary / weetabix
  A C++ PoC implementation for enumerating Windows Fibers directly from memory
  ☆18Updated 11 months ago
• xforcered / Windows_MSKSSRV_LPE_CVE-2023-36802
  LPE exploit for CVE-2023-36802
  ☆22Updated last year
• Fitretech-Security / dylight
  macOS dylib stager
  ☆32Updated 2 months ago
• NetSPI / BOF-PE
  An example reference design for a proposed BOF PE
  ☆158Updated last month
• djackreuter / rustlualoader
  Shellcode loader that executes embedded Lua from Rust.
  ☆113Updated 3 months ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• lap1nou / CLR_Heap_encryption
  ☆98Updated last year
• Slowerzs / KeyJumper
  ☆38Updated 2 weeks ago
• wolfcod / lsassdump
  lsassdump via RtlCreateProcessReflection and NanoDump
  ☆79Updated 5 months ago
• p0dalirius / FindProcessesWithNamedPipes
  A simple C++ Windows tool to get information about processes exposing named pipes.
  ☆37Updated last month
• Teach2Breach / pool_party_rs
  remote process injections using pool party techniques
  ☆58Updated 2 months ago
• tijme / relocatable
  Boilerplate to develop raw and truly Position Independent Code (PIC).
  ☆45Updated 2 months ago
• tyranid / windows-memory-access-traps
  A few examples of how to trap virtual memory access on Windows.
  ☆29Updated 3 months ago
• carsonchan12345 / CVE-2024-37726-MSI-Center-Local-Privilege-Escalation
  ☆36Updated 4 months ago
• 0xsch1zo / NullGate
  Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.
  ☆90Updated last month
• ioncodes / SilentLoad
  "Service-less" driver loading
  ☆151Updated 4 months ago
• Kudaes / CustomEntryPoint
  Select any exported function in a dll as the new dll's entry point.
  ☆77Updated 5 months ago
• scrt / KexecDDPlus
  Exploiting the KsecDD Windows driver through Server Silos
  ☆63Updated 5 months ago
• xforcered / Being-A-Good-CLR-Host
  ☆102Updated 2 months ago
• slyd0g / ObjCShellcodeLoader
  macOS shellcode loader written in Objective-C
  ☆47Updated 2 years ago
• Wh04m1001 / UserManagerEoP
  ☆79Updated last year
• akamai / Mirage
  Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.
  ☆74Updated last month