Boilerplate to develop raw and truly Position Independent Code (PIC).
☆117Jan 20, 2025Updated last year
Alternatives and similar repositories for relocatable
Users that are interested in relocatable are comparing it to the libraries listed below
Sorting:
- BOF with Synthetic Stackframe☆233Oct 30, 2025Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆105Feb 25, 2025Updated last year
- A truly Position Independent Code (PIC) NimPlant C2 beacon written in C, without reflective loading.☆67Feb 11, 2025Updated last year
- A collection of position independent coding resources☆109Nov 15, 2025Updated 4 months ago
- use python on windows with full submodule support without installation☆30Jan 23, 2025Updated last year
- An example reference design for a proposed BOF PE☆204Jan 23, 2026Updated last month
- Cobaltstrike Reflective Loader with Synthetic Stackframe☆189Jan 17, 2026Updated 2 months ago
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- BOF that finds all the Nt* system call stubs within NTDLL and overwrites with clean syscall stubs (user land hook evasion)☆195Feb 6, 2025Updated last year
- Dll injection through code page id modification in registry. Based on jonas lykk research☆17Jun 18, 2022Updated 3 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- A Mythic Agent written in PIC C.☆206Feb 4, 2025Updated last year
- ForsHops☆152Mar 25, 2025Updated 11 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆50Jan 25, 2025Updated last year
- StoneKeeper C2, an experimental EDR evasion framework for research purposes☆209Dec 25, 2024Updated last year
- Reaping treasures from strings in remote processes memory☆285Feb 8, 2025Updated last year
- An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution☆195Nov 27, 2024Updated last year
- find dll base addresses without PEB WALK☆162Jul 13, 2025Updated 8 months ago
- Hijacks code execution via overwriting Control Flow Guard pointers in combase.dll☆151Apr 18, 2025Updated 11 months ago
- Curated list of public Beacon Object Files(BOFs) build in as submodules for easy cloning☆137Dec 7, 2025Updated 3 months ago
- Dynamically resolve API function addresses at runtime in a secure manner.☆73Nov 11, 2025Updated 4 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆121Dec 23, 2025Updated 2 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆62Nov 8, 2024Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆37Aug 5, 2025Updated 7 months ago
- Linker for Beacon Object Files☆170Feb 22, 2026Updated last month
- ☆128Dec 12, 2025Updated 3 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- early cascade injection PoC based on Outflanks blog post☆239Nov 7, 2024Updated last year
- Windows rootkit designed to work with BYOVD exploits☆217Jan 18, 2025Updated last year
- Rehashing APIs to prevent hash based detection☆14Jan 7, 2025Updated last year
- A reflective DLL development template for the Rust programming language☆116Nov 4, 2025Updated 4 months ago
- Rust template/library for implementing your own COFF loader☆72Jan 27, 2025Updated last year
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- Using Just In Time (JIT) instruction decryption, this shellcode loader ensures that only the currently executing instruction is visible i…☆64Apr 2, 2025Updated 11 months ago
- Mythic C2 Agent written in x64 PIC C☆84Jan 29, 2025Updated last year
- Host CLR and run .NET binaries using Rust☆153Dec 23, 2025Updated 2 months ago
- One-header configurable C++20 COFF loader☆21Jul 21, 2025Updated 8 months ago
- Cobalt Strike BOF for evasive .NET assembly execution☆309Mar 31, 2025Updated 11 months ago