roadwy / SideloadFinderLinks
frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR's.
☆56Updated 2 years ago
Alternatives and similar repositories for SideloadFinder
Users that are interested in SideloadFinder are comparing it to the libraries listed below
Sorting:
- Beacon compiled using clang☆72Updated 2 years ago
- Evasive loader to bypass static detection☆58Updated last year
- Silently Install Chrome Extension For Persistence☆95Updated last year
- An implementation of an indirect system call☆131Updated 2 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆78Updated last year
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆66Updated 2 months ago
- ☆43Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆60Updated last year
- Use COM Component Bypass UAC,Dll Version☆36Updated 4 years ago
- load assembly executable file in memory☆41Updated 2 years ago
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆141Updated 3 years ago
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆63Updated 2 years ago
- Its a coff loader ported to go( Modified by TimWhite )☆27Updated 2 years ago
- Self Cleanup in post-ex job☆58Updated last year
- Golang implementation of Reflective load PE from memory☆62Updated 3 years ago
- ☆60Updated last year
- Alternative Shellcode Execution Via Callbacks Rewrite In C#☆89Updated 2 years ago
- ☆41Updated 2 years ago
- Go implementation of the self-deletion of an running executable from disk☆112Updated 2 years ago
- use aswArPot.sys to kill process☆68Updated 3 years ago
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆44Updated 3 years ago
- ☆28Updated 2 years ago
- Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver☆112Updated 2 years ago
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆78Updated 3 years ago
- A SigFlip implement in golang☆51Updated 3 years ago
- ReturnGate, just like HellsGate.☆68Updated 3 years ago
- Load shellcode via syscall☆56Updated 4 years ago
- Delete file regardless of whether the handle is used via SetFileInformationByHandle☆55Updated 2 years ago
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆179Updated 4 months ago