roadwy / SideloadFinderLinks
frida based script which automates the process of discovering and exploiting DLL Hijacks in target binaries. The discovered binaries can later be weaponized during Red Team Operations to evade AV/EDR's.
☆53Updated 2 years ago
Alternatives and similar repositories for SideloadFinder
Users that are interested in SideloadFinder are comparing it to the libraries listed below
Sorting:
- Evasive loader to bypass static detection☆58Updated last year
- Silently Install Chrome Extension For Persistence☆91Updated last year
- load assembly executable file in memory☆41Updated last year
- Generator of https://github.com/TheWover/donut in pure Go. supports compression, AMSI/WLDP/ETW bypass, etc.☆59Updated 2 years ago
- Beacon compiled using clang☆71Updated 2 years ago
- Self Cleanup in post-ex job☆58Updated 10 months ago
- ☆41Updated last year
- Its a coff loader ported to go( Modified by TimWhite )�☆27Updated 2 years ago
- use aswArPot.sys to kill process☆68Updated 2 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Updated 2 years ago
- Amaterasu terminates, or inhibits, protected processes such as application control and AV/EDR solutions by leveraging the Sysinternals Pr…☆75Updated last year
- An implementation of an indirect system call☆129Updated last year
- Use COM Component Bypass UAC,Dll Version☆35Updated 4 years ago
- dump lsass tool☆38Updated 2 years ago
- Fork & modify of Wireguard's Memmod☆32Updated 2 years ago
- Golang implementation of Hellsgate + Halosgate/Tartarosgate. Ensures that all systemcalls go through ntdll.dll;☆32Updated 3 years ago
- Cobalt Strike Beacon Object File (BOF) that obtain SYSTEM privilege with SeImpersonate privilege by passing a malicious IUnknwon object t…☆51Updated 2 years ago
- vehsyscall:a syscall project that may bypass EDR☆58Updated last year
- (Hellsgate|Halosgate|Tartarosgate)+Spoofing-Gate. Ensures that all systemcalls go through ntdll.dll☆43Updated 3 years ago
- Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from mem…☆53Updated last year
- A SigFlip implement in golang☆47Updated 3 years ago
- Beacon Object File implementation of pwn1sher's KillDefender☆66Updated 3 years ago
- A Simple PoC☆21Updated last year
- SharpSilentChrome is a C# project that "silently" installs browser extensions on Google Chrome or MS Edge by updating the browsers' Prefe…☆139Updated this week
- Exploits undocumented elevated COM interface ICMLuaUtil via process spoofing to edit registry then calls ColorDataProxy to trigger UAC b…☆138Updated 2 years ago
- Exploit for CVE-2023-36802 targeting MSKSSRV.SYS driver☆112Updated last year
- 汇编语言编写Shellcode加载器源代码 https://payloads.online/archivers/2022-02-16/1/☆78Updated 2 years ago
- Golang implementation of Reflective load PE from memory☆62Updated 3 years ago
- shadow tls client☆14Updated 2 years ago
- ☆51Updated last year