Just another casual shellcode native loader
☆25Feb 3, 2022Updated 4 years ago
Alternatives and similar repositories for RTImplant
Users that are interested in RTImplant are comparing it to the libraries listed below
Sorting:
- One gate to all syscalls!☆23Mar 12, 2022Updated 3 years ago
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- It stinks☆105Apr 22, 2022Updated 3 years ago
- A PoC project for embedding shellcode to Hint/Name Table☆113May 16, 2022Updated 3 years ago
- JALSI - Just Another Lame Shellcode Injector☆30Aug 1, 2021Updated 4 years ago
- Hijack Printconfig.dll to execute shellcode☆100Jan 15, 2021Updated 5 years ago
- Collection of shellcode injection and execution techniques☆18Aug 21, 2025Updated 6 months ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆94Aug 1, 2022Updated 3 years ago
- just manipulatin these here tokens yes sir nothing weird☆22Apr 18, 2022Updated 3 years ago
- ☆24Oct 18, 2022Updated 3 years ago
- A repository filled with ideas to break/detect direct syscall techniques☆26Apr 21, 2022Updated 3 years ago
- A framework for backdooring Microsoft Nuget packages.☆10Jan 9, 2024Updated 2 years ago
- Attack chain emulator. Write recipes for initial access easily☆23Feb 26, 2025Updated last year
- Small tool to play with IOCs caused by Imageload events☆44May 14, 2023Updated 2 years ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69May 11, 2023Updated 2 years ago
- Get your data from the resource section manually, with no need for windows apis☆67Oct 22, 2024Updated last year
- Collection of CobaltStrike beacon object files☆105Feb 14, 2022Updated 4 years ago
- FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads☆384Apr 16, 2022Updated 3 years ago
- ☆113Aug 5, 2020Updated 5 years ago
- ☆50May 12, 2021Updated 4 years ago
- Socks4 reverse proxy for penetration testing. Python 2 and 3 compatible.☆17Jul 1, 2022Updated 3 years ago
- Self Delete DLL☆23Feb 15, 2024Updated 2 years ago
- Writeup of Payload Techniques in C involving Mutants, Session 1 -> Session 0 migration, and Self-Deletion of payloads.☆129Apr 24, 2022Updated 3 years ago
- Create file system symbolic links from low privileged user accounts within PowerShell☆94Jun 20, 2022Updated 3 years ago
- Cobalt Strike BOF to list Windows Pipes & return their Owners & DACL Permissions☆94Mar 8, 2023Updated 3 years ago
- ☆84Aug 26, 2024Updated last year
- A small example of loading BOFs in Python with pure reflection☆19Jan 26, 2023Updated 3 years ago
- An simplest PE parser, which list all import and export entries☆12Oct 11, 2018Updated 7 years ago
- Windows internals and exploitation tricks☆112Nov 9, 2025Updated 3 months ago
- C# havoc implant☆101Feb 12, 2023Updated 3 years ago
- Mythic Developer Series: Workshop Golang Agent☆25Jun 27, 2023Updated 2 years ago
- Encrypted Shellcode Loader Generator☆22Jan 29, 2019Updated 7 years ago
- Proof of concept - Covert Channel using Windows Filtering Platform (C#)☆21Aug 29, 2021Updated 4 years ago
- Experiments on the Windows Internals☆31Sep 22, 2019Updated 6 years ago
- Hostile Dropboxes Management☆26Jan 8, 2020Updated 6 years ago
- A custom run space to bypass AMSI and Constrained Language mode in PowerShell.☆21May 17, 2023Updated 2 years ago
- ☆10Jan 17, 2022Updated 4 years ago
- Collection of self-made Red Team tools that have come in handy☆12Aug 25, 2024Updated last year
- SyscallLoader☆11Sep 13, 2021Updated 4 years ago