roadwy / SideloadFinderLinks
frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR's.
☆55Updated 2 years ago
Alternatives and similar repositories for SideloadFinder
Users that are interested in SideloadFinder are comparing it to the libraries listed below
Sorting:
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆60Updated 2 years ago
- Beacon compiled using clang☆72Updated 2 years ago
- load assembly executable file in memory☆41Updated 2 years ago
- Evasive loader to bypass static detection☆58Updated last year
- use aswArPot.sys to kill process☆68Updated 3 years ago
- Silently Install Chrome Extension For Persistence☆92Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 2 years ago
- Use COM Component Bypass UAC,Dll Version☆35Updated 4 years ago
- ☆42Updated last year
- Self Cleanup in post-ex job☆59Updated 11 months ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆54Updated last year
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆78Updated 2 years ago
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆44Updated 3 years ago
- Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;☆32Updated 3 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆77Updated last year
- ☆42Updated 2 years ago
- A Simple PoC☆21Updated last year
- An implementation of an indirect system call☆130Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆53Updated 2 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆139Updated 2 years ago
- Its a coff loader ported to go( Modified by TimWhite )☆27Updated 2 years ago
- ☆57Updated last year
- Fork & modify of Wireguard's Memmod☆33Updated 2 years ago
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆90Updated 2 years ago
- Golang implementation of Reflective load PE from memory☆62Updated 3 years ago
- ☆27Updated 2 years ago
- A wrapper of ldap_shell.py module which in ntlmrelayx☆62Updated 2 years ago
- 看起来叫BabyBypass,实际啥都会记一些☆17Updated last year
- shadow tls client☆14Updated 2 years ago