Research into removing strings & API call references at compile-time (Anti-Analysis)
☆28 · Jun 2, 2024 · Updated last year
Alternatives and similar repositories for HideStaticReferences
Users that are interested in HideStaticReferences are comparing it to the libraries listed below
- A C++ tool to inspect and extract contents from PyInstaller archives ☆19 · Oct 19, 2025 · Updated 4 months ago
- In-memory hiding technique ☆63 · Jan 5, 2025 · Updated last year
- PowerShell script to generate ShellCode in various formats ☆45 · Sep 25, 2024 · Updated last year
- Uses Threat-Intelligence ETW events to identify shellcode regions being hidden by fluctuating memory protections ☆169 · May 17, 2023 · Updated 2 years ago
- It's a driver injector or driver loader header lib (Windows) ☆12 · Aug 5, 2023 · Updated 2 years ago
- Zero EAT touch way to retrieve function addresses (GetProcAddress on steroids) ☆144 · Mar 16, 2024 · Updated last year
- FrostLock Injection is a freeze/thaw-based code injection technique that uses Windows Job Objects to temporarily freeze (suspend) a targe… ☆43 · Apr 6, 2025 · Updated 10 months ago
- ☆16 · Aug 28, 2024 · Updated last year
- Utilizing DLang For Offensive Operations. ☆14 · May 29, 2025 · Updated 9 months ago
- Click Once + App Domain ☆64 · Updated this week
- Detect suspension of your process ☆13 · Jun 7, 2023 · Updated 2 years ago
- Python script that fetches, analyzes, and reports Microsoft Patch Tuesday updates via the MSRC API — with a clean web interface for easy … ☆24 · Updated this week
- It's what all the kids are talking about ☆12 · Apr 25, 2023 · Updated 2 years ago
- A proof of concept demonstrating the DLL-load proxying using undocumented Syscalls. ☆409 · Jan 11, 2026 · Updated last month
- A collection of sample code used in some experiments with Sliver C2 ☆16 · Mar 28, 2023 · Updated 2 years ago
- Some fixes for debugging Windows with WinDbg in EXDI mode ☆21 · Aug 25, 2023 · Updated 2 years ago
- Convert native dll to shellcode, and support exported function ☆25 · Feb 10, 2021 · Updated 5 years ago
- Putting the C2 in C2loudflare ☆18 · Jun 28, 2024 · Updated last year
- Indirect syscalls + DInvoke made simple. ☆96 · Dec 24, 2024 · Updated last year
- Comprehensive Windows Syscall Extraction & Analysis Framework ☆162 · Aug 30, 2025 · Updated 6 months ago
- Repository of Microsoft Driver Block Lists based off of OS-builds ☆43 · Apr 14, 2024 · Updated last year
- Mentally ill EtwTi parser ☆68 · Jan 11, 2026 · Updated last month
- ☆19 · Apr 28, 2025 · Updated 10 months ago
- string encryption in Nim ☆20 · Jun 15, 2024 · Updated last year
- ☆18 · Mar 28, 2023 · Updated 2 years ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to… ☆41 · Nov 4, 2025 · Updated 3 months ago
- https://www.huorong.cn/ ☆15 · Apr 16, 2024 · Updated last year
- Shellcode Loader with Indirect Dynamic syscall Implementation, shellcode in MAC format, API resolving from PEB, Syscall call and syscal… ☆322 · Aug 2, 2023 · Updated 2 years ago
- Allows for same-file KernelMode function execution using Encrypted addresses of Functions ☆51 · Sep 27, 2025 · Updated 5 months ago
- Microsoft Redistributable Download & Installer ☆18 · Oct 14, 2019 · Updated 6 years ago
- ☆16 · Sep 23, 2021 · Updated 4 years ago
- Dangling COM Keys Finder ☆17 · Nov 16, 2021 · Updated 4 years ago
- Windows File Enumeration Intel Gathering Tool. ☆17 · Sep 4, 2023 · Updated 2 years ago
- A PoC for adding NtContinue to CFG allowed list in order to make Ekko work in a CFG protected process ☆115 · Aug 29, 2022 · Updated 3 years ago
- ☆42 · Feb 18, 2025 · Updated last year
- Snaffler reimplementation in Python - https://github.com/SnaffCon/Snaffler ☆119 · Jul 12, 2025 · Updated 7 months ago
- ☆70 · Oct 30, 2023 · Updated 2 years ago
- Emulate Drivers in RING3 with self context mapping or unicorn ☆21 · Jan 1, 2025 · Updated last year
- DSE & PG bypass via BYOVD attack ☆76 · Jul 12, 2025 · Updated 7 months ago