Injecting code by recompiling shellcode into a ROP chain.
☆137Apr 21, 2026Updated 3 weeks ago
Alternatives and similar repositories for rophi
Users that are interested in rophi are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Common format for transferring and applying function information across binary analysis tools☆65Nov 5, 2025Updated 6 months ago
- Proof-of-concept post-build obfuscator for Unity IL2CPP projects☆39Jan 12, 2025Updated last year
- binary instrumentation, analysis, and patching framework☆105Feb 20, 2026Updated 2 months ago
- Advanced shellcode loader with AES-256, EDR/AMSI/ETW bypass, indirect syscalls, evasion, early-bird APC injection and PPID spoofing.☆34Apr 16, 2026Updated last month
- The danger of repetivive format string vulnerabilities and abusing exit on full RELRO☆22May 26, 2022Updated 3 years ago
- Deploy on Railway without the complexity - Free Credits Offer • AdConnect your repo and Railway handles the rest with instant previews. Quickly provision container image services, databases, and storage volumes.
- Orchestrate detonating your MalDev in VMs with different EDRs to see their detection surface.☆27Updated this week
- A tool to decrypt all Synology encrypted archives (SPK, PAT, ...)☆21Jun 6, 2025Updated 11 months ago
- A C# Tool to gather information about email breaches☆16Dec 21, 2023Updated 2 years ago
- Generate Go bindings for shared C libraries.☆18Jul 13, 2024Updated last year
- process hollowing variant using NtCreateSection + NtMapViewOfSection + ResumeThread☆31Jan 9, 2022Updated 4 years ago
- Patches the AmsiScan function in clr.dll allowing for unrestricted assembly loading in .NET☆53May 5, 2025Updated last year
- Convert Microsoft Defender Antivirus Signatures (VDM) into a SQL DB☆24Jun 27, 2025Updated 10 months ago
- Pointer encryption library in rust.☆19Apr 13, 2025Updated last year
- Bake shellcode to get malicious.exe☆28Jul 25, 2023Updated 2 years ago
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- A lexer and parser for Sleep☆20Feb 20, 2026Updated 2 months ago
- Kernel Information Disclosure☆36Jan 13, 2026Updated 4 months ago
- chernobog is a Hex-Rays decompiler plugin that defeats Hikari LLVM obfuscation.☆190May 6, 2026Updated 2 weeks ago
- Reproducing the SkeletonKey malware.☆11Apr 6, 2024Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- Shellcode Loader using indirect syscalls☆16Jan 21, 2024Updated 2 years ago
- ☆17Sep 25, 2024Updated last year
- Kernel<->Usermode shared memory communcation using manually mapped driver☆22Dec 12, 2021Updated 4 years ago
- ☆23May 24, 2024Updated last year
- Managed Kubernetes at scale on DigitalOcean • AdDigitalOcean Kubernetes includes the control plane, bandwidth allowance, container registry, automatic updates, and more for free.
- Misery Loader to bypass modern EDR solutions☆19Dec 20, 2024Updated last year
- Downgrade attack for CVE-2025-48804☆169Updated this week
- VMT hooking is a technique where you hook one (or more) VMT(Virtual Method Table) entries with a pointer to other function. Thus, when th…☆15May 20, 2020Updated 5 years ago
- Guide on using the PPPwnGo GUI tool☆11Sep 26, 2024Updated last year
- A V8 Sandbox Escape Technique.☆21Feb 8, 2025Updated last year
- ☆31Mar 9, 2024Updated 2 years ago
- Advanced Windows authentication token extraction and decryption tool for red team operations and security research☆95Apr 1, 2026Updated last month
- Port of zentool to Windows☆27Mar 7, 2025Updated last year
- Pseudo-shell for RCE scenarios: tunnels commands via /tmp sockets to a local daemon, keeps context, no bind or reverse shell needed.☆45Jun 12, 2025Updated 11 months ago
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- ZwProcessHollowing is a x64 process hollowing project which uses direct systemcalls, dll unhooking and RC4 payload decryption☆94Mar 23, 2023Updated 3 years ago
- adapted guidedhacking's code to work on 64 bit applications and added features☆13Dec 3, 2018Updated 7 years ago
- A basic Secure Virtual Machine hypervisor☆25Feb 25, 2021Updated 5 years ago
- ☆29Updated this week
- Simple template for using Remill on Windows/Linux/macos.☆32Mar 24, 2026Updated last month
- Native opaque predicate cleaner plugin for Binary Ninja☆47Updated this week
- ☆28Jan 10, 2024Updated 2 years ago