Allevon412/ClassicAPIUnhooking external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

Allevon412/ClassicAPIUnhooking

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/Allevon412/ClassicAPIUnhooking)

Close

Allevon412 / ClassicAPIUnhookingView on GitHubMore

• External links
• Readme badge

☆16Nov 23, 2021Updated 4 years ago

Alternatives and similar repositories for ClassicAPIUnhooking

Users that are interested in ClassicAPIUnhooking are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• Allevon412 / BreadBear

  View on GitHub
  A PoC~ish of https://elastic.github.io/security-research/malware/2022/01/01.operation-bleeding-bear/article/
  ☆31Feb 26, 2024Updated 2 years ago
• jonny-jhnson / ProcCallback

  View on GitHub
  An example of how a driver can register a handle creation callback.
  ☆16Jun 12, 2023Updated 2 years ago
• Allevon412 / BreadManModuleStomping

  View on GitHub
  ☆45Oct 16, 2023Updated 2 years ago
• GetRektBoy724 / SyscallShuffler

  View on GitHub
  Your NTDLL vaccine from modern direct syscall methods.
  ☆36Apr 5, 2022Updated 4 years ago
• tothi / SharpStay

  View on GitHub
  .NET project for installing Persistence
  ☆63Feb 14, 2022Updated 4 years ago
• 1-Click AI Models by DigitalOcean Gradient • Ad
  Deploy popular AI models on DigitalOcean Gradient GPU virtual machines with just a single click. Zero configuration with optimized deployments.
• ScriptIdiot / sleepmask_PatchlessHook

  View on GitHub
  Code snippets to add on top of cobalt strike sleep mask to achieve patchless hook on AMSI and ETW
  ☆86Mar 19, 2023Updated 3 years ago
• tringi / winver

  View on GitHub
  Tiny Windows executable that outputs version information about the OS.
  ☆11Feb 1, 2026Updated 3 months ago
• silentEAG / RedTeamOps

  View on GitHub
  Use Rust to implement some Red Team techniques :)
  ☆13Nov 11, 2024Updated last year
• Allevon412 / ReflectiveDLL_Sektor7

  View on GitHub
  ☆40Nov 1, 2021Updated 4 years ago
• MahmoudZohdy / IAT-Obfuscation

  View on GitHub
  IAT-Obfuscation to make static analysis of executable harder.
  ☆45Sep 6, 2021Updated 4 years ago
• shantanu561993 / DLL-Sideload

  View on GitHub
  ☆43Jan 2, 2023Updated 3 years ago
• BambiZombie / bypass_uac_bof

  View on GitHub
  一个普通的BOF用来BypassUAC
  ☆22Apr 6, 2024Updated 2 years ago
• Sh0ckFR / InlineWhispers2

  View on GitHub
  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
  ☆186Jul 21, 2022Updated 3 years ago
• hacksysteam / CVE-2021-45067

  View on GitHub
  Adobe Reader DC Information Leak Exploit
  ☆23Oct 13, 2022Updated 3 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• mobdk / CloneProcess

  View on GitHub
  Clone running process with ZwCreateProcess
  ☆59Nov 8, 2020Updated 5 years ago
• morph3 / Windows-RPC-Backdoor

  View on GitHub
  Simple windows rpc server for research purposes only
  ☆83May 29, 2022Updated 3 years ago
• Synzack / Go-Syscall-Examples

  View on GitHub
  Simple PoCs for utilizing Windows syscalls in Go
  ☆16Jan 13, 2021Updated 5 years ago
• D4rthMaulCop / DarthNetLoader

  View on GitHub
  ☆15Aug 17, 2023Updated 2 years ago
• SaadAhla / GithubC2

  View on GitHub
  Github as C2 Demonstration , free API = free C2 Infrastructure
  ☆148Aug 2, 2023Updated 2 years ago
• m57 / cobaltstrike_bofs

  View on GitHub
  My CobaltStrike BOFS
  ☆167Jul 23, 2022Updated 3 years ago
• garrettfoster13 / wtftp

  View on GitHub
  wtftp.py is a tool to attack Microsoft Deployment Toolkit (MDT) and Windows Deployment Services (WDS).
  ☆33Jan 22, 2026Updated 3 months ago
• MagicPwnrin / CVE-2022-30206

  View on GitHub
  Exploit for CVE-2022-30206
  ☆74Sep 25, 2022Updated 3 years ago
• epichoxha / CobaltParrot

  View on GitHub
  Aggressor Notification Scripts for cobaltstrike via slack & discord
  ☆14Nov 27, 2025Updated 5 months ago
• GPUs on demand by Runpod - Special Offer Available • Ad
  Run AI, ML, and HPC workloads on powerful cloud GPUs—without limits or wasted spend. Deploy GPUs in under a minute and pay by the second.
• Teach2Breach / dll2shell

  View on GitHub
  converts sRDI compatible dlls to shellcode
  ☆38Jan 20, 2025Updated last year
• sud0Ru / CPLDCOMTrigger

  View on GitHub
  CPL remote trigger
  ☆44Dec 28, 2025Updated 4 months ago
• passthehashbrowns / DInvokeProcessHollowing

  View on GitHub
  ☆31Aug 23, 2020Updated 5 years ago
• bananabr / Givemeahand

  View on GitHub
  A PoC tool for exploiting leaked process and thread handles
  ☆34Feb 13, 2024Updated 2 years ago
• RayRRT / Active-Directory-Certificate-Services-abuse

  View on GitHub
  ☆56Sep 13, 2022Updated 3 years ago
• GetRektBoy724 / NiceTryDLL

  View on GitHub
  Nice try reading NTDLL from disk, nerd.
  ☆19Apr 18, 2022Updated 4 years ago
• jsecu / 7DaysofRed

  View on GitHub
  7 days of Red Teaming TTPs that your favorite tools may use to acheive a post exploitation goal
  ☆18Apr 17, 2021Updated 5 years ago
• PL-V / Firefox-WebInject

  View on GitHub
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆42Oct 30, 2022Updated 3 years ago
• jsacco / PPL_Bypass

  View on GitHub
  ☆12Apr 7, 2022Updated 4 years ago
• Deploy open-source AI quickly and easily - Special Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• plackyhacker / Sys-Calls

  View on GitHub
  An example of using Syscalls in C# to get a meterpreter shell.
  ☆115Oct 7, 2021Updated 4 years ago
• codewhitesec / Lastenzug

  View on GitHub
  Socks4a proxy leveraging PIC, Websockets and static obfuscation on assembly level
  ☆236Oct 18, 2022Updated 3 years ago
• Allevon412 / ReflectiveDLLInjector

  View on GitHub
  This program is used to perform reflective DLL Injection to a remote process specified by the user.
  ☆64Jul 11, 2023Updated 2 years ago
• dis0rder0x00 / CanYouCTheThief

  View on GitHub
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆70Mar 25, 2022Updated 4 years ago
• rad9800 / VehApiResolve

  View on GitHub
  ☆119Aug 7, 2022Updated 3 years ago
• Leo4j / Invoke-RunAsSystem

  View on GitHub
  A simple script to elevate current session to SYSTEM (needs to be run as Administrator)
  ☆16Nov 11, 2024Updated last year
• decoder-it / DFSCoerce-exe-2

  View on GitHub
  DFSCoerce exe revisited version with custom authentication
  ☆43Jan 13, 2024Updated 2 years ago