shellcode生成框架
☆90Jul 11, 2024Updated last year
Alternatives and similar repositories for obj2shellcode
Users that are interested in obj2shellcode are comparing it to the libraries listed below
Sorting:
- 通杀检测基于白文件patch黑代码的免杀技术的后门☆181Aug 3, 2024Updated last year
- 使用Visral Studio开发ShellCode☆234Oct 11, 2023Updated 2 years ago
- beta☆120Sep 24, 2024Updated last year
- Process injection alternative☆406Sep 6, 2024Updated last year
- tsh多终端代理通信☆19Feb 26, 2025Updated last year
- Bypass LSA protection using the BYODLL technique☆171Sep 21, 2024Updated last year
- 重构Beacon☆165Aug 19, 2024Updated last year
- 一个手动或自动patch shellcode到二进制文件的免杀工具/A tool for manual or automatic patch shellcode into binary file oder to bypass AV.☆561May 30, 2025Updated 8 months ago
- Beacon compiled using clang☆72Jan 22, 2023Updated 3 years ago
- Self Cleanup in post-ex job☆59Sep 10, 2024Updated last year
- Reflective shellcode loaderwith advanced call stack spoofing and .NET support.☆226Sep 19, 2025Updated 5 months ago
- Generating legitimate call stack frame along with indirect syscalls by abusing Vectored Exception Handling (VEH) to bypass User-Land EDR …☆297Jul 31, 2024Updated last year
- A beacon object file implementation of PoolParty Process Injection Technique.☆433Dec 21, 2023Updated 2 years ago
- Binary Hollowing☆94Sep 10, 2024Updated last year
- Beacon Debugger☆55Oct 28, 2024Updated last year
- 这是一个shellcode简单的示例demo,使目标exe程序转换为shellcode可执行程序的一个demo【并不打算后期维护】,两年前写的,我发现被工作磨平了对技术的探索,今天翻到发现的。☆11Sep 23, 2023Updated 2 years ago
- A PoC implementation for spoofing arbitrary call stacks when making sys calls (e.g. grabbing a handle via NtOpenProcess)☆553Apr 8, 2025Updated 10 months ago
- Coffee is a loader for ELF (Executable and Linkable Format) object files written in Rust. Coffee是一个用Rust语言编写的ELF object文件的加载器☆63Apr 29, 2024Updated last year
- Syscall免杀☆511Jun 21, 2024Updated last year
- 制作 shellcode 的模板☆31Oct 30, 2024Updated last year
- 钓鱼上线后渗透工具☆132Feb 19, 2023Updated 3 years ago
- Generic PE loader for fast prototyping evasion techniques☆244Jul 2, 2024Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆169May 17, 2023Updated 2 years ago
- 添加计划任务方法集合☆309Aug 6, 2023Updated 2 years ago
- A BOF that runs unmanaged PEs inline�☆680Oct 23, 2024Updated last year
- CobaltStrike beacon in rust☆208Aug 10, 2024Updated last year
- Walks the CFG bitmap to find previously executable but currently hidden shellcode regions☆133May 17, 2023Updated 2 years ago
- ☆147Oct 29, 2024Updated last year
- 寻找可利用的白文件☆556Aug 18, 2025Updated 6 months ago
- ☆18Nov 23, 2023Updated 2 years ago
- An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer☆539Feb 13, 2024Updated 2 years ago
- ☆126Sep 1, 2024Updated last year
- 本项目是一个远程控制应用,使用 Golang 开发,允许用户通过 Web 界面远程控制和屏幕监控其他计算机。主要功能包括屏幕共享、鼠标和键盘控制以及键盘记录。☆455Jan 30, 2026Updated 3 weeks ago
- bootkit驱动映射,三环进程注入加载指定模块☆14Oct 8, 2024Updated last year
- Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.☆249Jun 11, 2024Updated last year
- Dynamically convert an unmanaged EXE or DLL file to PIC shellcode by prepending a shellcode stub.☆325Apr 12, 2024Updated last year
- Take a screenshot without injection for Cobalt Strike☆203Jun 7, 2023Updated 2 years ago
- HWSyscalls is a new method to execute indirect syscalls using HWBP, HalosGate and a synthetic trampoline on kernel32 with HWBP.☆718Jul 19, 2023Updated 2 years ago
- ☆108Aug 21, 2024Updated last year