Boilerplate to develop raw and truly Position Independent Code (PIC).
☆117Jan 20, 2025Updated last year
Alternatives and similar repositories for relocatable
Users that are interested in relocatable are comparing it to the libraries listed below
Sorting:
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Feb 25, 2025Updated last year
- BOF with Synthetic Stackframe☆225Oct 30, 2025Updated 4 months ago
- A collection of position independent coding resources☆107Nov 15, 2025Updated 3 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆186Jan 17, 2026Updated last month
- An example reference design for a proposed BOF PE☆200Jan 23, 2026Updated last month
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆38Aug 5, 2025Updated 6 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆121Dec 23, 2025Updated 2 months ago
- A Mythic Agent written in PIC C.☆207Feb 4, 2025Updated last year
- Mentally ill EtwTi parser☆68Jan 11, 2026Updated last month
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 2 months ago
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- find dll base addresses without PEB WALK☆160Jul 13, 2025Updated 7 months ago
- early cascade injection PoC based on Outflanks blog post☆237Nov 7, 2024Updated last year
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆72Nov 11, 2025Updated 3 months ago
- ☆127Dec 12, 2025Updated 2 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 7 months ago
- 64-bit, position-independent implant template for Windows in Rust.☆173Nov 28, 2025Updated 3 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆308Mar 31, 2025Updated 11 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆137Apr 18, 2025Updated 10 months ago
- Host CLR and run .NET binaries using Rust☆151Dec 23, 2025Updated 2 months ago
- A reflective DLL development template for the Rust programming language☆114Nov 4, 2025Updated 3 months ago
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- Shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks☆137Dec 22, 2024Updated last year
- Sleep obfuscation☆268Dec 13, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆216Jan 18, 2025Updated last year
- A Cobalt Strike payload generator and lateral movement aggressor script which places Beacon shellcode into a custom shellcode loader☆45Sep 25, 2024Updated last year
- ☆146Nov 6, 2025Updated 3 months ago
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- Linker for Beacon Object Files☆159Feb 22, 2026Updated last week