A Proof-of-Concept implementation of Reflective DLL Injection (RDI) specifically for Windows on ARM64. Demonstrates PEB access via the x18 register and manual DLL mapping.
☆37May 30, 2025Updated last year
Alternatives and similar repositories for ARM64-ReflectiveDLLInjection
Users that are interested in ARM64-ReflectiveDLLInjection are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Ghosting-AMSI☆18Apr 30, 2025Updated last year
- Uses ghidra to find all ETW write metadata for each API in a PE file☆29Jul 26, 2024Updated last year
- Command-line tool for discovering SaaS platforms a company uses via DNS enumeration☆40Jul 23, 2025Updated 11 months ago
- Alternative Read and Write primitives using Rtl* functions the unintended way.☆79Aug 25, 2025Updated 10 months ago
- Impersonate Tokens using only NTAPI functions☆85Apr 4, 2025Updated last year
- Open source password manager - Proton Pass • AdSecurely store, share, and autofill your credentials with Proton Pass, the end-to-end encrypted password manager trusted by millions.
- ☆26Nov 8, 2024Updated last year
- Vectored Exception Handling Squared☆30Dec 27, 2025Updated 6 months ago
- ☆43Feb 18, 2025Updated last year
- shell code example☆69Dec 12, 2025Updated 6 months ago
- Python based tool for generating Shellcode from PIC C☆43Nov 6, 2025Updated 7 months ago
- demo unhooking functions in ntdll☆28Jul 15, 2025Updated 11 months ago
- A fully compatible replacement of Windows NT NtCreateLowBoxToken syscall - precisely restored from reverse engineering☆43Jun 10, 2025Updated last year
- Stage 0☆170Dec 18, 2024Updated last year
- Generate Volatility3 profiles from BTF.☆34Dec 21, 2024Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- ☆18Jun 16, 2025Updated last year
- Open Source Implementation of Cobalt Strike's Malleable C2☆103Updated this week
- Local SYSTEM auth trigger for relaying☆172Jul 22, 2025Updated 11 months ago
- Library that eases the use of indirect syscalls. Quite interesting AV/EDR bypass as PoC.☆168Jul 30, 2025Updated 11 months ago
- PIC shellcode (C/C++) development toolkit designed for malware developers.☆127Dec 23, 2025Updated 6 months ago
- Extracted lua script from Defender mpavbase.vdm and mpasbase.vdm☆16Jul 5, 2024Updated last year
- ☆54May 31, 2025Updated last year
- Lateral movement with DCOM DLL hijacking☆179Jul 4, 2025Updated 11 months ago
- Callstack spoofing using a VEH because VEH all the things.☆24Mar 18, 2025Updated last year
- Deploy to Railway using AI coding agents - Free Credits Offer • AdUse Claude Code, Codex, OpenCode, and more. Autonomous software development now has the infrastructure to match with Railway.
- Windows NTLM hash dump utility written in C language, that supports Windows and Linux. Hashes can be dumped in realtime or from already s…☆67Dec 29, 2023Updated 2 years ago
- An HTA Application which builds Azure (Entra) Scenarios for Red Team Simulations☆63Aug 18, 2025Updated 10 months ago
- BasicLDR: A Reflective DLL Loader☆14Jun 11, 2024Updated 2 years ago
- ☆52Jun 12, 2026Updated 2 weeks ago
- A reflective DLL development template for the Rust programming language☆121Nov 4, 2025Updated 7 months ago
- Slides for COM Hijacking AV/EDR Talk on 38c3☆75Jan 3, 2025Updated last year
- MacOS Shared Library to Shellcode Loader☆70Feb 23, 2026Updated 4 months ago
- ☆23Jan 15, 2025Updated last year
- Folder Or File Delete to Get System Shell on Current Session Desktop☆47Jan 14, 2025Updated last year
- Managed hosting for WordPress and PHP on Cloudways • AdManaged hosting for WordPress, Magento, Laravel, or PHP apps, on multiple cloud providers. Deploy in minutes on Cloudways by DigitalOcean.
- General Purpose OpSec Server☆114Mar 13, 2026Updated 3 months ago
- ☆128Dec 12, 2025Updated 6 months ago
- A C project that generates usernames based on input lists and format you decide yourself☆12Jun 12, 2026Updated 2 weeks ago
- ☆56Mar 26, 2025Updated last year
- Dump protected process memory by using BYOVD to tamper with handle objects in the kernel.☆42Aug 5, 2025Updated 10 months ago
- YongYou U8C deserialization file upload exploit tool targeting IPFxxFileService and IFileTrans services☆28Sep 28, 2025Updated 9 months ago
- AMSI detection PoC☆31Apr 14, 2020Updated 6 years ago