Research into removing strings & API call references at compile-time (Anti-Analysis)
☆28Jun 2, 2024Updated last year
Alternatives and similar repositories for HideStaticReferences
Users that are interested in HideStaticReferences are comparing it to the libraries listed below
Sorting:
- Detect suspend you process☆14Jun 7, 2023Updated 2 years ago
- A C++ tool to inspect and extract contents from PyInstaller archives☆20Oct 19, 2025Updated 5 months ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids)☆144Mar 16, 2024Updated 2 years ago
- In-memory hiding technique☆63Jan 5, 2025Updated last year
- PowerShell script to generate ShellCode in various formats☆45Sep 25, 2024Updated last year
- Utilizing DLang For Offensive Operations.☆14May 29, 2025Updated 9 months ago
- It's what all the kids are talking about☆12Apr 25, 2023Updated 2 years ago
- Convert native dll to shellcode, and support exported function☆25Feb 10, 2021Updated 5 years ago
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections☆172May 17, 2023Updated 2 years ago
- LdrLoadDll Unhooking☆135Jan 16, 2022Updated 4 years ago
- Click Once + App Domain☆67Feb 23, 2026Updated 3 weeks ago
- ☆16Sep 23, 2021Updated 4 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions☆50Sep 27, 2025Updated 5 months ago
- Anti Suspend and Detect Detaching from debuggers.☆17Apr 1, 2024Updated last year
- Extra cmdlets to help with quering security related information from Azure☆14Sep 16, 2024Updated last year
- it's a driver injector or driver loader header lib(Windows)☆12Aug 5, 2023Updated 2 years ago
- ☆42Feb 18, 2025Updated last year
- PoC code for IsValidImageCRC()☆22May 3, 2023Updated 2 years ago
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe…☆43Apr 6, 2025Updated 11 months ago
- ☆18Mar 28, 2023Updated 2 years ago
- Heap encryption in Nim☆20Aug 25, 2024Updated last year
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls.☆412Jan 11, 2026Updated 2 months ago
- Indirect syscalls + DInvoke made simple.☆95Dec 24, 2024Updated last year
- A nim implementation of sRDI☆20Oct 18, 2023Updated 2 years ago
- ☆16Aug 28, 2024Updated last year
- Allows you to find the use of ScyllaHide, if your program will debug and restore hooking functions bytes.☆27Aug 3, 2019Updated 6 years ago
- Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low…☆148May 6, 2023Updated 2 years ago
- Windows File Enumeration Intel Gathering Tool.☆17Sep 4, 2023Updated 2 years ago
- Mentally ill EtwTi parser☆69Jan 11, 2026Updated 2 months ago
- ☆70Oct 30, 2023Updated 2 years ago
- different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)☆203Aug 2, 2023Updated 2 years ago
- EventLogSilencer is a PowerShell script designed for disable Windows Event Logging☆18Oct 28, 2023Updated 2 years ago
- Shellcode Loader with Indirect Dynamic syscall Implementation , shellcode in MAC format, API resolving from PEB, Syscall calll and syscal…☆322Aug 2, 2023Updated 2 years ago
- Dangling COM Keys Finder☆17Nov 16, 2021Updated 4 years ago
- Bypass user-land hooks by syscall tampering via the Trap Flag☆139Aug 25, 2025Updated 6 months ago
- DSE & PG bypass via BYOVD attack☆79Jul 12, 2025Updated 8 months ago
- Slaying multi-language LLVM IR with obfuscation passes to achieve JIT execution☆130Dec 24, 2025Updated 2 months ago
- Proof of concept Anti-Cheat plugin.☆57Sep 13, 2024Updated last year
- Identifies bad bytes from static analysis with any Anti-Virus scanner.☆129Jul 5, 2024Updated last year