BreadManModuleStomping
This project was created to show off a technique I created called BreadManModuleStomping. It performs module stomping with a unique twist. Instead of loading a module into memory and then overwriting the contents of its .text section with a malicious payload, it does the following:
- Searches for a code cave in a previously loaded module (i.e. kernel32) that has the capacity to fit our shellcode
- Changes the memory permissions of that region from execute & read to read & write
- Writes the payload into the code cave
- Executes the payload from the code cave
This has a few benefits from an offensive security perspective:
- Does not require interaction with the file system or the Windows loader, so there is less possibility of triggering events.
- Code execution appears to come from a legitimately loaded module in the call stack, so there is less possibility of call stack detection.
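A defender-side check for this variant, added here as an example and not part of the project's code: the technique leaves a loaded module's executable section differing from its on-disk image exactly where a padding-only cave used to be, so diffing the two and flagging modified runs whose original bytes were padding catches it. The section contents below are constructed sample data, not a real module.

```python
"""Detect code-cave stomping by diffing a module's executable section as
loaded in memory against the same section from the on-disk image."""
from dataclasses import dataclass
from typing import List

PADDING = {0x00, 0xCC}  # typical code-cave filler: zero padding or INT3


@dataclass
class StompedRegion:
    offset: int      # byte offset into the section
    length: int      # number of modified bytes
    was_cave: bool   # True if the on-disk bytes were padding only (a code cave)


def find_stomped_regions(disk: bytes, mem: bytes, min_len: int = 8) -> List[StompedRegion]:
    """Return contiguous runs where the in-memory bytes differ from disk.
    Runs shorter than min_len are ignored so that small, isolated differences
    such as relocation fixups or hot-patch bytes do not raise alerts."""
    if len(disk) != len(mem):
        raise ValueError("section sizes differ; compare like with like")
    regions, start = [], None
    for i in range(len(disk) + 1):
        differs = i < len(disk) and disk[i] != mem[i]
        if differs and start is None:
            start = i                      # a modified run begins here
        elif not differs and start is not None:
            length = i - start             # the run ended at i
            if length >= min_len:
                cave = all(b in PADDING for b in disk[start:i])
                regions.append(StompedRegion(start, length, cave))
            start = None
    return regions


# Constructed sample: a 64-byte "on-disk" section with a 24-byte zero cave at +0x20
DISK_TEXT = bytes(range(0x40, 0x60)) + b"\x00" * 24 + bytes(range(0x10, 0x18))
# Constructed "in-memory" copy where 20 bytes of the cave were overwritten
SAMPLE_PAYLOAD = bytes(range(0xA0, 0xB4))
MEM_TEXT = DISK_TEXT[:0x20] + SAMPLE_PAYLOAD + DISK_TEXT[0x20 + len(SAMPLE_PAYLOAD):]

if __name__ == "__main__":
    for r in find_stomped_regions(DISK_TEXT, MEM_TEXT):
        print(f"modified run at +0x{r.offset:x} len={r.length} was_cave={r.was_cave}")
```

In practice the two inputs come from the mapped module (e.g. via process memory reads) and from the file on disk; a reported run with `was_cave=True` inside an executable section is the signature of this technique.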