rbmm / ARLLinks
☆24Updated 4 months ago
Alternatives and similar repositories for ARL
Users that are interested in ARL are comparing it to the libraries listed below
Sorting:
- RunPE adapted for x64 and written in C, does not use RWX☆25Updated last year
- Self Delete DLL☆23Updated last year
- ☆31Updated last month
- Cobalt Strike notifications via NTFY.☆13Updated 8 months ago
- ☆26Updated 3 months ago
- ☆23Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- An example of COM hijacking using a proxy DLL.☆28Updated 3 years ago
- use python on windows with full submodule support without installation☆28Updated 4 months ago
- various methods of making API calls☆17Updated 4 months ago
- BOF for C2 framework☆41Updated 6 months ago
- A lexer and parser for Sleep☆20Updated 3 weeks ago
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆36Updated last year
- C code to enable ETW tracing for Dotnet Assemblies☆31Updated 2 years ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆21Updated last month
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆28Updated 4 months ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- ☆27Updated 4 months ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- NailaoLoader: Hiding Execution Flow via Patching☆21Updated 3 months ago
- ☆36Updated last year
- ☆48Updated 4 years ago
- A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies☆32Updated 2 years ago
- CVE-2024-40431+CVE-2022-25479 chain for EOP(DATA ONLY ATTACK)☆45Updated 7 months ago
- A simple BOF that disables some logging with NtSetInformationProcess☆13Updated last year
- ELF Beacon Object File (BOF) Template☆19Updated 6 months ago
- A simple Linux in-memory .so loader☆30Updated 2 years ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆31Updated 11 months ago
- PowerShell Implementation of ADFSDump to assist with GoldenSAML☆32Updated last month