x0reaxeax / Fetch-n-ExecLinks
An x64 binary executing code that's not inside of it.
☆16Updated 2 years ago
Alternatives and similar repositories for Fetch-n-Exec
Users that are interested in Fetch-n-Exec are comparing it to the libraries listed below
Sorting:
- ☆12Updated last year
- using the Recycle Bin to insure persistence☆12Updated 2 years ago
- AIDA64DRIVER Elevation of Privilege Vulnerability☆13Updated 7 months ago
- A simple PE loader.☆26Updated 2 years ago
- Process Injection: APC Injection☆32Updated 4 years ago
- ☆31Updated last month
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets☆30Updated 9 months ago
- Listing UDP connections with remote address without sniffing.☆29Updated last year
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 3 years ago
- A class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class☆26Updated last year
- A repository filled with ideas to break/detect direct syscall techniques☆27Updated 3 years ago
- improving zerosums smbdoor - a silent remote backdoor which abuses undoc. APIs in srvnet.sys☆50Updated 2 years ago
- A PoC tool for exploiting leaked process and thread handles☆31Updated last year
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆21Updated last month
- Dangling COM Keys Finder☆17Updated 3 years ago
- Released presentations of my talks + code that used during these talks☆14Updated 8 months ago
- really ?☆12Updated last year
- ☆18Updated last year
- ☆13Updated 2 years ago
- This exploit use PEB walk technique to resolve API calls dynamically, obfuscate all API calls to perform process injection.☆17Updated 10 months ago
- Mentally ill EtwTi parser☆38Updated 2 months ago
- ☆54Updated 2 years ago
- Manually perform syscalls without going through any external API or DLL.☆18Updated 2 years ago
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆12Updated 7 months ago
- Hooked create process injection for meterpreter☆23Updated 3 years ago
- Small tool to play with IOCs caused by Imageload events☆42Updated 2 years ago
- API Hammering with C++20☆47Updated 2 years ago
- ☆18Updated last week
- Callstack spoofing using a VEH because VEH all the things.☆21Updated 2 months ago
- Code injection via ZwCreateSection, ZwUnmapViewOfSection. C++ example☆17Updated 3 years ago