x0reaxeax / PageSplitLinks
Splitting and executing shellcode across multiple pages
☆101Updated 2 years ago
Alternatives and similar repositories for PageSplit
Users that are interested in PageSplit are comparing it to the libraries listed below
Sorting:
- Malware?☆74Updated 10 months ago
- API Hammering with C++20☆49Updated 3 years ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆77Updated last year
- Shellcode loader using direct syscalls via Hell's Gate and payload encryption.☆91Updated last year
- A bunch of scripts and code i wrote.☆143Updated 9 months ago
- shell code example☆62Updated 3 months ago
- ☆137Updated 2 years ago
- ☆152Updated last year
- ☆100Updated last year
- Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).☆145Updated 2 years ago
- Mirage is a PoC memory evasion technique that relies on a vulnerable VBS enclave to hide shellcode within VTL1.☆97Updated 6 months ago
- Patch AMSI and ETW in remote process via direct syscall☆83Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆124Updated 2 years ago
- ☆61Updated last year
- Another approach of Threadless injection discovered by @_EthicalChaos_ in c that loads a module into the target process and stomps it, an…☆180Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆65Updated last year
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆138Updated 2 years ago
- Proof of Concepts code for Bring Your Own Vulnerable Driver techniques☆161Updated last week
- ☆114Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Updated last year
- "Service-less" driver loading☆159Updated 9 months ago
- Template-based generation of shellcode loaders☆79Updated last year
- abusing Process Hacker driver to terminate other processes (BYOVD)☆83Updated 2 years ago
- Reimplementation of the KExecDD DSE bypass technique.☆53Updated 11 months ago
- ☆88Updated last year
- This repo goes with the blog entry at blog.malicious.group entitled "Writing your own RDI / sRDI loader using C and ASM".☆86Updated 2 years ago
- Shellcode Loader Utilizing ETW Events☆65Updated 6 months ago
- Win32 keylogger that supports all (non-ime using) languages correctly☆51Updated last year
- Next gen process injection technique☆54Updated 5 years ago
- TypeLib persistence technique☆127Updated 10 months ago