Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.
☆43Jun 12, 2025Updated 8 months ago
Alternatives and similar repositories for shellnot
Users that are interested in shellnot are comparing it to the libraries listed below
Sorting:
- ☆10Jul 1, 2023Updated 2 years ago
- ☆33Jan 23, 2025Updated last year
- ☆38Apr 15, 2025Updated 10 months ago
- ☆13Dec 29, 2022Updated 3 years ago
- Indirect syscalls + DInvoke made simple.☆96Dec 24, 2024Updated last year
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆27May 13, 2025Updated 9 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆22Feb 27, 2025Updated last year
- A small How-To on creating your own weaponized WSL file☆121Jul 23, 2025Updated 7 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆26Apr 21, 2025Updated 10 months ago
- SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral movement.☆261Nov 22, 2025Updated 3 months ago
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 6 months ago
- PowerShell implementation for AD CS☆70Feb 19, 2026Updated last week
- Scan files for potential threats while leveraging AMSI (Antimalware Scan Interface) and Windows Defender. By isolating malicious content.☆37Jan 2, 2025Updated last year
- ☆159May 5, 2025Updated 9 months ago
- KittyLoader is a highly evasive loader written in C / Assembly☆257Sep 22, 2025Updated 5 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- FaceDancer is an exploitation tool aimed at creating hijackable, proxy-based DLLs by taking advantage of COM-based system DLL image loadi…☆400Sep 26, 2024Updated last year
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 9 months ago
- Remote DLL Injection with Timer-based Shellcode Execution☆154Jul 18, 2025Updated 7 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated last year
- Dump processes over WMI with MSFT_MTProcess☆84Feb 13, 2026Updated 2 weeks ago
- Guide on using the PPPwnGo GUI tool☆11Sep 26, 2024Updated last year
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆25Sep 29, 2023Updated 2 years ago
- A POC to disable TamperProtection and other Defender / MDE components☆254Jun 6, 2024Updated last year
- Linux Sleep Obfuscation☆112Jan 7, 2024Updated 2 years ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- Shellcode Loader Utilizing ETW Events☆67Feb 26, 2025Updated last year
- Sample Rust crate used to implement a VBS enclave in Rust☆44Jun 3, 2025Updated 8 months ago
- Proof of Concept for manipulating the Kernel Callback Table in the Process Environment Block (PEB) to perform process injection and hijac…☆270Oct 31, 2024Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆137Apr 6, 2025Updated 10 months ago
- Weaponizing DCOM for NTLM Authentication Coercions☆275Jul 1, 2025Updated 7 months ago
- Cargo subcommand to build a crate into shellcode☆27Aug 15, 2024Updated last year
- ☆50Jul 9, 2025Updated 7 months ago
- Visual Interface heXadecimal dump☆53Dec 8, 2016Updated 9 years ago
- The tool to decode obfuscated shellcodes using the unicorn and capstone engine☆54Jun 19, 2016Updated 9 years ago
- Threadless shellcode injection tool☆68Aug 5, 2024Updated last year