voidvxvt / HellBunny
Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks
☆77Updated last month
Alternatives and similar repositories for HellBunny:
Users that are interested in HellBunny are comparing it to the libraries listed below
- Construct the payload at runtime using an array of offsets☆61Updated 7 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆73Updated 5 months ago
- This is way to load a shellcode, and obfuscate it, so it avoids scantime detection.☆53Updated 6 months ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆114Updated 3 months ago
- .bin file to shellcode convertor☆31Updated 6 months ago
- Sleep obfuscation☆206Updated last month
- ☆122Updated 4 months ago
- BOF with Synthetic Stackframe☆103Updated this week
- A collection of position independent coding resources☆64Updated last week
- ☆137Updated 6 months ago
- ☆120Updated last year
- Windows Thread Pool Injection Havoc Implementation☆28Updated 10 months ago
- Just another C2 Redirector using CloudFlare.☆84Updated 8 months ago
- NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg☆46Updated 11 months ago
- A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust☆83Updated 9 months ago
- Stage 0☆148Updated last month
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆84Updated 7 months ago
- Port of Cobalt Strike's Process Inject Kit☆162Updated last month
- ☆48Updated 3 months ago
- Huffman Coding in Shellcode Obfuscation & Dynamic Indirect Syscalls Loader.☆89Updated 10 months ago
- Section-based payload obfuscation technique for x64☆59Updated 5 months ago
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆56Updated last year
- Recursive Loader☆101Updated 3 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆46Updated 8 months ago
- Flexible LDAP proxy that can be used to inspect & transform all LDAP packets generated by other tools on the fly.☆103Updated last month
- Threadless shellcode injection tool☆64Updated 5 months ago
- Two in one, patch lifetime powershell console, no more etw and amsi!☆83Updated 7 months ago
- DebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.☆96Updated last year
- ☆92Updated 4 months ago