zimnyaa / nim-noload-dll-hollowingView external linksLinks
Unused DLL hollowing PoC in Nim
☆17Jan 31, 2022Updated 4 years ago
Alternatives and similar repositories for nim-noload-dll-hollowing
Users that are interested in nim-noload-dll-hollowing are comparing it to the libraries listed below
Sorting:
- A simple Nim stager (w/ fiber execution)☆20Jan 31, 2022Updated 4 years ago
- PoC XLL builder in Python/Nim☆49Nov 21, 2022Updated 3 years ago
- ☆26Feb 11, 2025Updated last year
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- A simple BOF that disables some logging with NtSetInformationProcess☆13Oct 13, 2023Updated 2 years ago
- Sleep Obfuscation☆45Oct 13, 2022Updated 3 years ago
- PoC code from blog☆16Mar 10, 2020Updated 5 years ago
- A simple Linux in-memory .so loader☆33Mar 29, 2023Updated 2 years ago
- XDNR is a X0R Cryptor along with DEC/N0T/R0R encoder plus random byte insertion encoder, that generates null free encrypted and encoded s…☆17Jul 12, 2022Updated 3 years ago
- List/Read contents of Zip files (in memory and without extraction) using CobaltStrike's Execute-Assembly☆61May 24, 2022Updated 3 years ago
- miscellaneous codes☆36Sep 24, 2023Updated 2 years ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆79Dec 23, 2023Updated 2 years ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- Implant drop-in for EDR testing☆147Nov 15, 2023Updated 2 years ago
- Spawn SYSTEM shells like a PRO!☆10Mar 8, 2023Updated 2 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- ShellcodeFluctuation PoC ported to Nim☆79Oct 14, 2022Updated 3 years ago
- NimicStack is the pure Nim implementation of Call Stack Spoofing technique to mimic legitimate programs☆96Aug 1, 2022Updated 3 years ago
- C# version of NTLMRawUnHide☆72Oct 8, 2022Updated 3 years ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Aug 5, 2024Updated last year
- ☆38Apr 15, 2025Updated 10 months ago
- A python port of CCob's ThreadlessInject☆25Mar 18, 2023Updated 2 years ago
- Process Injection: APC Injection☆32Jan 13, 2021Updated 5 years ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- ☆46Jun 21, 2023Updated 2 years ago
- A proof of concept of real custom GetProcAddress and GetModuleBaseAddress☆21Jul 9, 2022Updated 3 years ago
- ☆12Apr 7, 2022Updated 3 years ago
- A dotnet executable to get an Entra token in an authenticated runtime☆15Oct 30, 2024Updated last year
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 8 months ago
- x64 Registration-Free In-Process COM Automation Server.☆51Nov 28, 2022Updated 3 years ago
- TrinitySeal patcher.☆10Nov 26, 2019Updated 6 years ago
- Read Memory without ReadProcessMemory for Current Process☆89Feb 13, 2022Updated 4 years ago
- Stealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctype…☆128Sep 27, 2023Updated 2 years ago
- ☆122Oct 9, 2023Updated 2 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- ☆37Feb 11, 2023Updated 3 years ago
- Interceptor is a kernel driver focused on tampering with EDR/AV solutions in kernel space☆136Jan 2, 2023Updated 3 years ago
- .NET Project for performing Authenticated Remote Execution☆12Nov 22, 2023Updated 2 years ago