thefLink / C-To-Shellcode-Examples
☆188Updated 3 years ago
Related projects ⓘ
Alternatives and complementary repositories for C-To-Shellcode-Examples
- Building and Executing Position Independent Shellcode from Object Files in Memory☆153Updated 3 years ago
- Load and execute COFF files and Cobalt Strike BOFs in-memory☆193Updated 2 years ago
- ☆160Updated 2 years ago
- Experiment on reproducing Obfuscate & Sleep☆138Updated 3 years ago
- A PoC implementation for dynamically masking call stacks with timers.☆248Updated last year
- You shall pass☆248Updated 2 years ago
- Exploring in-memory execution of .NET☆133Updated 2 years ago
- A small PoC that creates processes in Windows☆172Updated 5 months ago
- Cobalt Strike User Defined Reflective Loader (UDRL). Check branches for different functionality.☆134Updated 2 years ago
- The code is a pingback to the Dark Vortex blog: https://0xdarkvortex.dev/hiding-memory-allocations-from-mdatp-etwti-stack-tracing/☆158Updated last year
- x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks☆193Updated last year
- WTSRM☆199Updated 2 years ago
- Beacon Object File Loader☆273Updated 11 months ago
- Use hardware breakpoints to spoof the call stack for both syscalls and API calls☆181Updated 5 months ago
- A basic emulation of an "RPC Backdoor"☆207Updated 2 years ago
- miscellaneous scripts and programs☆214Updated last year
- The code is a pingback to the Dark Vortex blog:☆163Updated last year
- A Dropper POC with a focus on aiding in EDR evasion, NTDLL Unhooking followed by loading ntdll in-memory, which is present as shellcode (…☆165Updated last year
- Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2☆178Updated 2 years ago
- Evasive Process Hollowing Techniques☆134Updated 4 years ago
- ☆139Updated last year
- Mochi is a proof-of-concept C++ loader that leverages the ChaiScript embedded scripting language to execute code.☆97Updated 2 years ago