Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
-
Updated
Sep 6, 2021 - C#
Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.
Load shellcode via syscall
基于csharp实现的免杀shellcode加载器
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
Windows Service with the implementation of the Process hollowing technique to run shellcode
Shellcode Load or execute via "APC technic"
Example of C# heap injector for x64 and x86 shellcodes
A Simple ShellcodeLoader
Expeditus is a loader that executes shellcode on a target Windows system. It combines several offensive techniques in order to attempt to do this with some level of stealth.
Shellcode execution via CreateThreadpoolWait with Csharp
Shellcode injection or execution via AddressOfEntryPoint hijack.
Add a description, image, and links to the shellcode-loader topic page so that developers can more easily learn about it.
To associate your repository with the shellcode-loader topic, visit your repo's landing page and select "manage topics."