roadwy / SideloadFinderLinks
frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR's.
☆56Updated 2 years ago
Alternatives and similar repositories for SideloadFinder
Users that are interested in SideloadFinder are comparing it to the libraries listed below
Sorting:
- Evasive loader to bypass static detection☆59Updated 2 years ago
- Beacon compiled using clang☆72Updated 3 years ago
- ☆62Updated last year
- An implementation of an indirect system call☆131Updated 2 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆64Updated 2 years ago
- Silently Install Chrome Extension For Persistence☆96Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 3 years ago
- load assembly executable file in memory☆41Updated 2 years ago
- ☆43Updated 2 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- Self Cleanup in post-ex job☆59Updated last year
- Its a coff loader ported to go( Modified by TimWhite )☆26Updated 2 years ago
- A Simple PoC☆22Updated last year
- Use COM Component Bypass UAC,Dll Version☆36Updated 4 years ago
- vehsyscall:a syscall project that may bypass EDR☆61Updated last year
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆69Updated 3 months ago
- A SigFlip implement in golang☆51Updated 4 years ago
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆44Updated 3 years ago
- ☆28Updated 2 years ago
- Fork & modify of Wireguard's Memmod☆33Updated 2 years ago
- ☆41Updated 2 years ago
- Go implementation of the self-deletion of an running executable from disk☆113Updated 2 years ago
- Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;☆32Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that uses LogonUserSSPI API to perform kerberos-based password spray☆47Updated 2 years ago
- 汇编语言编�写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆77Updated 3 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆142Updated 3 years ago
- Section Mapping Process Injection modified with SysWhisper2 (sw2-secinject): Cobalt Strike BOF☆42Updated 3 years ago
- Golang implementation of Reflective load PE from memory☆64Updated 4 years ago
- use aswArPot.sys to kill process☆69Updated 3 years ago
- HVNC based on RustDesk☆108Updated last year