Lnkbomb Lnkbomb is used for uploading malicious shortcut files to insecure file shares. The vulnerability exists due to Windows looking for an icon file to associate with the shortcut file....
Project Ares Project Ares Injector Project Ares Injector is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique. The loader injects a PE into a remote...
TeamsImplant This project is a stealthy teams implant that proxies the urlmon.dll that teams use to compile and throw this bad boy in the teams directory as urlmon.dll and you...
Shellcode Template An easily modifiable shellcode template for Windows x64/x86 How does it work? This template is heavily based on Austin Hudson’s (aka SecIdiot) TitanLdr It compiles the project into a PE...
Nimcrypt2 Nimcrypt2 is yet another PE packer/loader designed to bypass AV/EDR. It is an improvement on my original Nimcrypt project, with the main improvements being the use of direct syscalls and the...
PELoader PELoader implements various shellcode injection techniques and uses libpeconv library to load encrypted PE files instead of injecting shellcode into remote thread. Following techniques were implemented: Module Stomping (LoadLibrary) Module...
Shhhloader Shhhloader is a SysWhispers/GetSyscallStub Shellcode Loader that is currently a Work in Progress. It takes raw shellcode as input and compiles a C++ stub that uses syscalls to try...
EDRSandBlast EDRSandBlast is a tool written in C that weaponizes a vulnerable signed driver to bypass EDR detections (Kernel callbacks and ETW TI provider) and LSASS protections. Multiple userland unhooking...
moonwalk moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the...
Ivy Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code in memory. Ivy’s loader does this by abusing programmatical access in the VBA object...
FunctionStomping This is a brand-new technique for shellcode injection to evade AVs and EDRs. This technique is inspired by Module Stomping and has some similarities. As to this date (23-01-2022)...
volana – Shell command obfuscation to avoid SIEM/detection system During pentest, an important aspect is to be stealthy. For this reason, you should clear your tracks after your passage. Nevertheless,...
Shellcode Injection Techniques A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload. I will be building this project up as I learn, discover or...
elfloader elfloader is a super simple loader for ELF files that generates a flat in-memory representation of the ELF. Pair this with Rust and now you can write your shellcode in...
Bluffy Bluffy is a utility which was used in experiments to bypass Anti-Virus products (statically) by formatting shellcode into realistic-looking data formats. So far, we implemented: UUID CLSID SVG CSS...
Support Securityonline.info site. Thanks!
