pwardle / ReflectiveLoader
A Reflective Loader for macOS
☆98Updated 2 months ago
Alternatives and similar repositories for ReflectiveLoader:
Users that are interested in ReflectiveLoader are comparing it to the libraries listed below
- ☆67Updated 6 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆72Updated 2 months ago
- CVE-2024-30090 - LPE PoC☆105Updated 4 months ago
- ☆61Updated 9 months ago
- ☆98Updated last year
- Win32 keylogger that supports all (non-ime using) languages correctly☆48Updated last year
- A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue☆96Updated 10 months ago
- lib-nosa is a minimalist C library designed to facilitate socket connections through AFD driver IOCTL operations on Windows.☆103Updated 6 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆76Updated 7 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆86Updated last year
- "Service-less" driver loading☆148Updated 3 months ago
- I have documented all of the AMSI patches that I learned till now☆74Updated last year
- Shellcode loader that executes embedded Lua from Rust.☆85Updated 2 months ago
- ☆108Updated 3 months ago
- Find DLLs with RWX section☆76Updated last year
- Plantronics Desktop Hub LPE☆37Updated 9 months ago
- macOS dylib stager☆31Updated last month
- LPE exploit for CVE-2023-36802☆22Updated last year
- macOS shellcode loader written in Objective-C☆47Updated 2 years ago
- ☆95Updated last month
- Linux Sleep Obfuscation☆94Updated last year
- Select any exported function in a dll as the new dll's entry point.☆75Updated 4 months ago
- ☆134Updated last year
- ☆78Updated last year
- A BOF to enumerate system process, their protection levels, and more.☆116Updated 3 months ago
- A work in progress BOF/COFF loader in Rust☆47Updated last year
- A few examples of how to trap virtual memory access on Windows.☆27Updated 2 months ago
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆39Updated last year