0xcpu / winsmsd
Windows (ShadowMove) Socket Duplication
☆80 Updated 4 years ago
Alternatives and similar repositories for winsmsd:
Users that are interested in winsmsd are comparing it to the libraries listed below
- ☆69 Updated last month
- ☆50 Updated 4 years ago
- A simple COM server which provides a component to run shellcode ☆133 Updated 4 years ago
- Lists of AMSI triggers (VBA, JScript / VBScript) ☆33 Updated 5 years ago
- Recreating and reviewing the Windows persistence methods ☆36 Updated 3 years ago
- A simple dumper as FreshyCalls' PoC. That's what's trendy, isn't it? ¯\_(ツ)_/¯ ☆40 Updated 4 years ago
- Injects shellcode into remote processes using direct syscalls ☆76 Updated 4 years ago
- ☆31 Updated 4 years ago
- A small commented POC for removing API hooks placed by AV/EDR. ☆33 Updated 4 years ago
- A command-line RPC method enumerator, born out of RPCView's awesomeness ☆103 Updated 5 years ago
- C++ function that will automagically unhook a specified Windows API ☆62 Updated 4 years ago
- Inject unsigned DLL into Protected Process Light (PPL) ☆21 Updated 3 months ago
- Hijack Printconfig.dll to execute shellcode ☆98 Updated 4 years ago
- Create a Run registry key with direct system calls. Inspired by @Cneelis's Dumpert and SharpHide. ☆74 Updated 5 years ago
- ☆36 Updated 3 years ago
- Process reimaging proof of concept code ☆96 Updated 5 years ago
- Open-source EDR kernel-component for system monitoring and DLL injection ☆31 Updated 4 years ago
- Files for http://deniable.org/windows/windows-callbacks ☆25 Updated 4 years ago
- (Sim)ulate (Ba)zar Loader ☆29 Updated 4 years ago
- C++ implant that interfaces with a SK8PARK server ☆49 Updated 3 years ago
- ☆82 Updated 3 years ago
- Resolve syscall numbers at runtime for all Windows versions. ☆61 Updated 4 months ago
- Assembly HellGate implementation that directly calls Windows System Calls and displays the PPID of the explorer.exe process ☆100 Updated 2 years ago
- Inject shellcode to process using Windows NTAPI for bypassing EDRs and Antiviruses ☆40 Updated 4 years ago
- A quick tool for hiding a new process running shellcode. ☆57 Updated 4 years ago
- Proof of Concept code for CVE-2020-0728 ☆46 Updated 5 years ago
- Inter-Process Communication Mechanisms ☆26 Updated 4 years ago
- ☆15 Updated last year
- Sysmon shenanigans ☆65 Updated 4 years ago
- Source code for HppDLL - local password dumping using MsvpPasswordValidate hooks ☆4 Updated 4 years ago