susMdT / clr-thing
rust clr heap encryption (https://github.com/lap1nou/CLR_Heap_encryption), but no heap encryption.
☆15Updated last year
Alternatives and similar repositories for clr-thing:
Users that are interested in clr-thing are comparing it to the libraries listed below
- ☆21Updated 11 months ago
- ☆27Updated 2 months ago
- Load a dynamic library from memory using a fuse mount☆31Updated last year
- A work in progress BOF/COFF loader in Rust☆46Updated 2 years ago
- Cobalt Strike Beacon Object File to enable the webdav client service on x64 windows hosts☆20Updated last year
- ☆30Updated 4 months ago
- various methods of making API calls☆17Updated 2 months ago
- Windows RPC example calling stubs generated from MS-LSAT and MS-LSAD☆26Updated last year
- A lexer and parser for Sleep☆18Updated 3 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆48Updated 2 months ago
- ☆43Updated last year
- use python on windows with full submodule support without installation☆27Updated 2 months ago
- example using NtCreateUserProcess in rust☆19Updated 3 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- An In-memory Embedding of CPython☆28Updated 3 years ago
- idk man this was the default github name☆35Updated last year
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- BOF for C2 framework☆41Updated 5 months ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆26Updated 2 months ago
- A Dynamic MSBuild task to help with minor obfuscation of C# Binaries to evade static signatures on each compilation☆36Updated last year
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆15Updated 2 years ago
- An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.☆18Updated 4 months ago
- Unix Process hollowing in rust☆21Updated 4 months ago
- Beacon Debugger☆40Updated 5 months ago
- Example of using Sleep to create better named pipes.☆41Updated last year
- run process as PPL Antimalware☆10Updated last year
- ☆52Updated 2 years ago
- ELF Beacon Object File (BOF) Template☆18Updated 5 months ago
- Cobalt Strike notifications via NTFY.☆13Updated 6 months ago
- Modified Version of Melkor @FuzzySecurity capable of creating disposable AppDomains in injected processes.☆28Updated 3 years ago