Alternatives and similar repositories for nim-noload-dll-hollowing:

Users that are interested in nim-noload-dll-hollowing are comparing it to the libraries listed below

• zimnyaa / fiber-stager
  A simple Nim stager (w/ fiber execution)
  ☆16Updated 3 years ago
• caueb / ThreadlessStompingKann
  Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.
  ☆39Updated last year
• zimnyaa / xyrella
  PoC XLL builder in Python/Nim
  ☆44Updated 2 years ago
• susMdT / effective-waffle
  yet another sleep encryption thing. also used the default github repo name for this one.
  ☆69Updated last year
• zimnyaa / PhaseDive
  Sleep Obfuscation
  ☆43Updated 2 years ago
• zimawhit3 / DynimicGhostWriting
  Windows x64 Process Injection via Ghostwriting with Dynamic Configuration
  ☆28Updated 3 years ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• pruno7 / nEkko
  A nim port of C5pider's Ekko project.
  ☆17Updated 2 years ago
• OffenseTeacher / Steganim
  ☆47Updated last year
• snovvcrash / BOFs
  Beacon Object Files (not Buffer Overflows)
  ☆53Updated last year
• waawaa / Hooked-Injector
  Hooked create process injection for meterpreter
  ☆23Updated 3 years ago
• Allevon412 / BreadManModuleStomping
  ☆42Updated last year
• paranoidninja / DotNetTracer
  C code to enable ETW tracing for Dotnet Assemblies
  ☆31Updated 2 years ago
• Ap3x / COFF-Loader
  A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader
  ☆41Updated last year
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆46Updated last year
• synap5e / onefile_python
  Run python from a single exe
  ☆34Updated 2 years ago
• jsecu / BOF-pack-1
  A care package of useful bofs for red team engagments
  ☆54Updated 2 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• oXis / NimWinAPICustom
  Resolve WinAPI func. Custom GetProcAddress and GetModuleHandle written in Nim
  ☆32Updated 3 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆45Updated 2 years ago
• RixedLabs / IDLE-Abuse
  A method to execute shellcode using RegisterWaitForInputIdle API.
  ☆52Updated last year
• Kharos102 / interceptor
  Sample Rust Hooking Engine
  ☆35Updated 10 months ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• S3cur3Th1sSh1t / NimShellcodeFluctuation
  ShellcodeFluctuation PoC ported to Nim
  ☆75Updated 2 years ago
• RobinFassinaMoschiniForks / TransitionalPeriod
  Former Multi - Ring to Kernel To UserMode Transitional Shellcode For Remote Kernel Exploits
  ☆27Updated 2 years ago
• xpn / ObjectOverloadingPOC
  ☆59Updated 3 years ago
• jsecu / ElevatedEvents
  ☆29Updated 2 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆73Updated 2 years ago