x0reaxeax / PageSplitLinks
Splitting and executing shellcode across multiple pages
☆103Updated 2 years ago
Alternatives and similar repositories for PageSplit
Users that are interested in PageSplit are comparing it to the libraries listed below
Sorting:
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆84Updated last year
- Malware?☆74Updated last year
- A bunch of scripts and code i wrote.☆144Updated 11 months ago
- API Hammering with C++20☆49Updated 3 years ago
- Shellcode loader☆94Updated 11 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆68Updated last year
- ☆137Updated 2 years ago
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆87Updated 2 years ago
- ☆151Updated 2 years ago
- ☆100Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆94Updated last year
- "Service-less" driver loading☆162Updated 11 months ago
- shell code example☆63Updated last month
- Simple POC library to execute arbitrary calls proxying them via NdrServerCall2 or similar☆131Updated last year
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆102Updated 8 months ago
- ☆94Updated last year
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆124Updated 2 years ago
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆149Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- Reimplementation of the KExecDD DSE bypass technique.☆55Updated last year
- ☆118Updated 2 years ago
- This script is used to bypass DLL Hooking using a fresh mapped copy of ntdll file, patch the ETW and trigger a shellcode with process hol…☆69Updated last year
- Template-based generation of shellcode loaders☆79Updated last year
- Win32 keylogger that supports all (non-ime using) languages correctly☆52Updated last year
- Various methods of executing shellcode☆72Updated 2 years ago
- abusing Process Hacker driver to terminate other processes (BYOVD)☆84Updated 2 years ago
- ☆61Updated last year
- Linker for Beacon Object Files☆128Updated 2 weeks ago
- A PoC of Stack encryption prior to custom sleeping by leveraging CPU cycles.☆64Updated 2 years ago