susMdT / clr-thing
rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
☆16Updated last year
Alternatives and similar repositories for clr-thing:
Users that are interested in clr-thing are comparing it to the libraries listed below
- Unix Process hollowing in rust☆21Updated 3 months ago
- ☆21Updated 11 months ago
- use python on windows with full submodule support without installation☆28Updated 2 months ago
- ☆25Updated 2 months ago
- A work in progress BOF/COFF loader in Rust☆47Updated 2 years ago
- ☆43Updated last year
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆20Updated last year
- BOF for C2 framework☆40Updated 4 months ago
- ☆20Updated 9 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆26Updated last year
- ☆24Updated 10 months ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- idk man this was the default github name☆35Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆25Updated 2 months ago
- A lexer and parser for Sleep☆16Updated 2 months ago
- ELF Beacon Object File (BOF) Template☆18Updated 4 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆36Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆45Updated 2 months ago
- example using NtCreateUserProcess in rust☆18Updated 2 months ago
- Aggressor script to automatically download and load an arsenal of open source and private Cobalt Strike tooling.☆25Updated 7 months ago
- ☆20Updated 3 weeks ago
- Less sugar (entropy) for your binaries☆17Updated last week
- Dynamically resolve API function addresses at runtime in a secure manner.☆54Updated 5 months ago
- Cobalt Strike notifications via NTFY.☆13Updated 6 months ago
- ☆28Updated 10 months ago
- A VSCode plugin to assist with BOF development.☆34Updated 7 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆27Updated 3 years ago
- Load a dynamic library from memory using a fuse mount☆30Updated last year