Alternatives and similar repositories for SHELF-Loading:

Users that are interested in SHELF-Loading are comparing it to the libraries listed below

• ulexec / ElfLocker
  PoC multi-layer protector for ELF32 x86 binaries
  ☆10Updated 2 years ago
• ic3qu33n / michelangelo-reanimator
  Michelangelo REanimator bootkit and REcon 2023 talk slides/materials
  ☆28Updated 11 months ago
• dsnezhkov / exclave
  ☆16Updated 3 years ago
• rhotav / PT_LOAD-Injector
  An injector that use PT_LOAD technique
  ☆12Updated 2 years ago
• perturbed-platypus / LinooxMalware
  ☆27Updated 5 years ago
• therealdreg / nasm_linux_x86_64_pure_sharedlib
  NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection
  ☆29Updated last year
• dsnezhkov / elfpack
  ☆46Updated 2 years ago
• airbus-cert / ttd2mdmp
  Extract data of TTD trace file to a minidump
  ☆28Updated last year
• X-C3LL / memdlopen-lib
  ☆12Updated 2 years ago
• En14c / Erebus
  Poc for ELF64 runtime infection via GOT poisoning technique by elfmaster
  ☆29Updated 4 years ago
• elfmaster / scop_virus_paper
  ELF Virus infection techniques that work with SCOP (Secure code partitioned) executables
  ☆14Updated 5 years ago
• PinkNoize / shelf-loader-poc
  ☆12Updated 3 years ago
• riesha / drv-vuln-scanner
  Finds imports that could be exploited, still requires manual analysis.
  ☆27Updated 2 years ago
• therealdreg / dregate
  call gates as stable comunication channel for NT x86 and Linux x86_64
  ☆31Updated last year
• sevagas / MagicLib
  Non organized Cpp code files I used for my research on Windows
  ☆18Updated 4 years ago
• bhassani / doublepulsar
  DoublePulsar (Position-Independent) Shellcode (Windows 7 SP1 x64)
  ☆26Updated 4 years ago
• yo-yo-yo-jbo / anti_debugging_intro
  ☆22Updated last year
• rbmm / DirectSysCall
  ☆12Updated last year
• vyrus001 / ebowla-2
  reboot of https://github.com/Genetic-Malware/Ebowla in order to simplify / modernize the codebase and provide ongoing support
  ☆22Updated 3 years ago
• waleedassar / SyscallNumberExtractor
  ☆24Updated 3 years ago
• tyranid / DumpReparsePoints
  This is a simple tool to dump all the reparse points on an NTFS volume.
  ☆31Updated 4 years ago
• gdbinit / flare-on
  Repository for Flare-On challenges and solutions/code
  ☆9Updated 2 months ago
• perturbed-platypus / UEFIWriteCPP
  ☆11Updated 5 years ago
• Binject / forger
  ☆20Updated 5 years ago
• its-a-feature / macos_execute_from_memory
  PoC of macho loading from memory
  ☆53Updated 2 months ago
• OsandaMalith / PESecInfo
  A simple tool to view important DLL Characteristics and change DEP and ASLR
  ☆44Updated 6 years ago
• yo-yo-yo-jbo / virtual_memory_known_dlls
  ☆18Updated last year
• ioncodes / kdbg-driver-workstation
  ☆14Updated 3 years ago
• EvanMcBroom / fuse-loader
  Load a dynamic library from memory using a fuse mount
  ☆30Updated last year
• ASkyeye / CVE-2018-19320
  Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)
  ☆20Updated 4 years ago