zimnyaa / insomnia
a stage1 DLL loader with sleep obfuscation
☆32Updated last year
Related projects ⓘ
Alternatives and complementary repositories for insomnia
- GetModuleHandle (via PEB) and GetProcAddress (via EAT) like☆32Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆38Updated 10 months ago
- Malware?☆70Updated last month
- Collect Windows telemetry for Maldev☆57Updated this week
- A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls☆104Updated 2 months ago
- Reimplementation of the KExecDD DSE bypass technique.☆42Updated 2 months ago
- Dirty PoC on how to abuse S1's VEH for Vectored Syscalls and Local Execution☆38Updated 4 months ago
- Next gen process injection technique☆42Updated 4 years ago
- a demo module for the kaine agent to execute and inject assembly modules☆37Updated 2 months ago
- A proof of concept I developed to improve Gargoyle back in 2018 to achieve true memory obfuscation from position independent code☆39Updated 2 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Section-based payload obfuscation technique for x64☆58Updated 3 months ago
- Single stub direct and indirect syscalling with runtime SSN resolving for windows.☆127Updated 2 years ago
- ☆81Updated 3 months ago
- Halos Gate-based NTAPI Unhooker☆49Updated 2 years ago
- Patch AMSI and ETW in remote process via direct syscall☆77Updated 2 years ago
- RunPE adapted for x64 and written in C, does not use RWX☆24Updated 6 months ago
- A process injection technique using only thread context manipulation☆23Updated 11 months ago
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- Red Team Operation's Defense Evasion Technique.☆52Updated 5 months ago
- Template-based generation of shellcode loaders☆67Updated 7 months ago
- A newer iteration of TitanLdr with some newer hooks, and design. A generic user defined reflective DLL I built to prove a point to Mudge …☆164Updated last year
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆40Updated 8 months ago
- ☆106Updated last year
- A Bumblebee-inspired Crypter☆80Updated last year
- stack spoofing☆53Updated this week
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆55Updated 3 months ago
- Piece of code to detect and remove hooks in IAT☆58Updated 2 years ago
- a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless☆39Updated 4 months ago