0xJs / EnumMitigationsLinks
Reports on Driver, LSASS and other security services mitigations
☆27Updated last week
Alternatives and similar repositories for EnumMitigations
Users that are interested in EnumMitigations are comparing it to the libraries listed below
Sorting:
- Section-based payload obfuscation technique for x64☆64Updated last year
- ☆56Updated 9 months ago
- Windows AppLocker Driver (appid.sys) LPE☆62Updated last year
- Shellcode Loader Utilizing ETW Events☆64Updated 5 months ago
- Indirect Syscall implementation to bypass userland NTAPIs hooking.☆76Updated 11 months ago
- Mythic C2 Agent written in x64 PIC C☆81Updated 6 months ago
- Post-Ex BOF tooling for Hannibal☆24Updated 8 months ago
- Combining 3 techniques (Threadless Injection + DLL Stomping + Caro-Kann) together to evade MDE.☆61Updated last year
- A pure C version of SymProcAddress☆29Updated last year
- Splitting and executing shellcode across multiple pages☆102Updated 2 years ago
- ☆87Updated 11 months ago
- Adaptive DLL hijacking / dynamic export forwarding - EAT preserve☆78Updated last year
- shell code example☆61Updated 2 months ago
- ☆57Updated 3 months ago
- ☆59Updated last year
- Proxy function calls through the thread pool with ease☆28Updated 5 months ago
- Demoting PPL anti-malware services to less than a guest user☆64Updated 6 months ago
- Identifies LOLDrivers that are not blocked by the active HVCI policy — ideal for BYOVD scenarios.☆60Updated 2 weeks ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 6 months ago
- BOF for C2 framework☆41Updated 9 months ago
- ☆34Updated 4 months ago
- This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)☆51Updated last year
- ☆35Updated 7 months ago
- Construct the payload at runtime using an array of offsets☆63Updated last year
- Shellcode capable of bypassing EAF / IAF mitigations☆20Updated 2 years ago
- EvtPsst☆55Updated last year
- A more reliable way of resolving syscall numbers in Windows☆52Updated last year
- ☆34Updated 3 months ago
- Work, timer, and wait callback example using solely Native Windows APIs.☆89Updated last year
- a demo module for the kaine agent to execute and inject assembly modules☆39Updated 11 months ago