fileless

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc.

Fileless attack with persistence

🚫💾 Run binaries straight from memory in Linux

Stealth dropper executing remote binaries without dropping them on disk .(HTTP3 support, ICMP support, invisible tracks, cross-platform,...)

A library for loading ELF from memory and/or making Linux syscalls on Android written in pure Java.

Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement

A library for loading and executing PE (Portable Executable) from memory without ever touching the disk

Slui File Handler Hijack UAC Bypass Local Privilege Escalation

.NET Antivirus Evasion Tool (Exe2Bat)

backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.

A runtime Crypter written in C++ to bypass AVs signature based detection

Powerful script for logical obfuscation of powershell scripts

Python program Fileless-PE.py generates a Python script (PEloader.py) to load a DLL or EXE file from a given URL. It provides functionality to specify a method to execute if the file is a DLL. The script utilizes the pythonmemorymodule library for memory manipulation.

A Golang shellcode loader that receives payloads via ICMP packets from a C2 server to bypass firewalls

LOLGEN: Living Off The Land Payload Generator

Powershell Malware

Generate droppers that use memfd_create() to execute ELF binaries without dropping them on disk

Test server utilizing Asyncio and Threading to perform basic administrative operations and receive data.

Materials from the speech "How to protect yourself from hidden web shells"

Hide processes from Task Manager by manually mapping itself into it and hooking NtQuerySystemInformation