susMdT / ForsHopsLinks
ForsHops
☆58Updated 5 months ago
Alternatives and similar repositories for ForsHops
Users that are interested in ForsHops are comparing it to the libraries listed below
Sorting:
- Linker for Beacon Object Files☆128Updated this week
- A small collection of Crystal Palace PIC loaders designed for use with Cobalt Strike☆156Updated last month
- ☆78Updated 8 months ago
- Implementing an early exception handler for hooking and threadless process injection without relying on VEH or SEH☆62Updated 3 weeks ago
- A collection of position independent coding resources☆94Updated last week
- TypeLib persistence technique☆133Updated 10 months ago
- ☆122Updated 8 months ago
- shell code example☆62Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆99Updated 6 months ago
- ☆100Updated last year
- Boilerplate to develop raw and truly Position Independent Code (PIC).☆102Updated 8 months ago
- ☆124Updated last year
- ☆93Updated last year
- converts sRDI compatible dlls to shellcode☆31Updated 8 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆67Updated last year
- ☆61Updated last year
- ☆40Updated 9 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆70Updated last month
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆131Updated 7 months ago
- load shellcode without P/D Invoke and VirtualProtect call.☆120Updated 2 weeks ago
- BOF with Synthetic Stackframe☆167Updated 6 months ago
- COM-based DLL Surrogate Injection☆86Updated 2 weeks ago
- Threadless shellcode injection tool☆67Updated last year
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- Beacon Object File (BOF) to obtain Entra tokens via authcode flow.☆102Updated 4 months ago
- Shellcode loader☆94Updated 9 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆69Updated last month
- A process injection technique using only thread context manipulation☆38Updated last year
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆105Updated last year
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆42Updated last year