tlsbollei / KittyLoaderLinks
KittyLoader is a highly evasive loader written in C / Assembly
☆254Updated 4 months ago
Alternatives and similar repositories for KittyLoader
Users that are interested in KittyLoader are comparing it to the libraries listed below
Sorting:
- Code execution/injection technique using DLL PEB module structure manipulation☆220Updated 8 months ago
- Shellcode loader that executes embedded Lua from Rust.☆127Updated last year
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆196Updated 7 months ago
- Early Bird Cryo Injections – APC-based DLL & Shellcode Injection via Pre-Frozen Job Objects☆135Updated 10 months ago
- Injecting DLL into LSASS at boot☆156Updated 9 months ago
- Two tools written in C that block network traffic for blacklisted EDR processes, using either Windows Defender Firewall (WDF) or Windows …☆257Updated 4 months ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆104Updated 11 months ago
- Activation Context Hijack☆169Updated 6 months ago
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆225Updated 4 months ago
- "Service-less" driver loading☆177Updated last year
- Two new offensive techniques using Windows Fibers: PoisonFiber (The first remote enumeration & Fiber injection capability POC tool) Phan…☆280Updated last year
- A set of programs for analyzing common vulnerabilities in COM☆245Updated last year
- A reflective DLL development template for the Rust programming language☆113Updated 3 months ago
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆136Updated last year
- a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor☆107Updated last year
- Bypass user-land hooks by syscall tampering via the Trap Flag☆138Updated 5 months ago
- PoC for generating bthprops.cpl module designed to be loaded by Fsquirt.exe LOLBin☆121Updated last month
- find dll base addresses without PEB WALK☆157Updated 6 months ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆204Updated 5 months ago
- Sleep obfuscation☆265Updated last year
- Gain insights into MS-RPC implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By f…☆324Updated 3 months ago
- This repo contains PoCs for vulnerable Windows drivers.☆126Updated last month
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Updated last year
- Slides for COM Hijacking AV/EDR Talk on 38c3☆74Updated last year
- load shellcode without P/D Invoke and VirtualProtect call.☆165Updated 5 months ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆124Updated last year
- ☆159Updated last year
- Activation cache poisoning to elevate from medium to high integrity (CVE-2024-6769)☆79Updated last year
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆201Updated 2 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆165Updated 6 months ago