A Proof-of-Concept implementation of Reflective DLL Injection (RDI) specifically for Windows on ARM64. Demonstrates PEB access via the x18 register and manual DLL mapping.
☆34May 30, 2025Updated 9 months ago
Alternatives and similar repositories for ARM64-ReflectiveDLLInjection
Users that are interested in ARM64-ReflectiveDLLInjection are comparing it to the libraries listed below
Sorting:
- Ghosting-AMSI☆18Apr 30, 2025Updated 10 months ago
- Uses ghidra to find all ETW write metadata for each API in a PE file☆28Jul 26, 2024Updated last year
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆39Jul 23, 2025Updated 7 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 6 months ago
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- UAC Bypass using RequestTrace scheduled task☆24Mar 13, 2025Updated last year
- ☆26Nov 8, 2024Updated last year
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- shell code example☆68Dec 12, 2025Updated 3 months ago
- ☆42Feb 18, 2025Updated last year
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 4 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 8 months ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆43Jun 10, 2025Updated 9 months ago
- Stage 0☆169Dec 18, 2024Updated last year
- Process Injection: APC Injection☆33Jan 13, 2021Updated 5 years ago
- Generate Volatility3 profiles from BTF.☆31Dec 21, 2024Updated last year
- Variety of different process injections implemented in C++☆26May 2, 2021Updated 4 years ago
- Open Source Implementation of Cobalt Strike's Malleable C2☆96Jan 27, 2026Updated last month
- ☆17Jun 16, 2025Updated 9 months ago
- Local SYSTEM auth trigger for relaying☆170Jul 22, 2025Updated 8 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆166Jul 30, 2025Updated 7 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆121Dec 23, 2025Updated 2 months ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm☆16Jul 5, 2024Updated last year
- Lateral movement with DCOM DLL hijacking☆176Jul 4, 2025Updated 8 months ago
- ☆55May 31, 2025Updated 9 months ago
- Callstack spoofing using a VEH because VEH all the things.☆23Mar 18, 2025Updated last year
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆67Dec 29, 2023Updated 2 years ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆62Aug 18, 2025Updated 7 months ago
- BasicLDR: A Reflective DLL Loader☆14Jun 11, 2024Updated last year
- ☆53Sep 23, 2025Updated 5 months ago
- A reflective DLL development template for the Rust programming language☆116Nov 4, 2025Updated 4 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- General Purpose OpSec Server☆112Mar 13, 2026Updated last week
- MacOS Shared Library to Shellcode Loader☆60Feb 23, 2026Updated 3 weeks ago
- ☆22Jan 15, 2025Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- ☆128Dec 12, 2025Updated 3 months ago
- A C project that generates usernames based on input lists and format you decide yourself☆11Jan 23, 2025Updated last year
- Arsenal of modules to beacon postex☆97Mar 13, 2026Updated last week