☆31Jul 26, 2024Updated last year
Alternatives and similar repositories for SyscallTempering
Users that are interested in SyscallTempering are comparing it to the libraries listed below
Sorting:
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- ☆25Apr 28, 2024Updated last year
- Enumerate the Domain for Readable and Writable Shares☆23Nov 14, 2025Updated 3 months ago
- Click Once + App Domain☆64Updated this week
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 10 months ago
- An example of COM hijacking using a proxy DLL.☆44Aug 17, 2021Updated 4 years ago
- ☆100Sep 1, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated 9 months ago
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated last year
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- ☆42Feb 18, 2025Updated last year
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- ☆108Aug 21, 2024Updated last year
- ApexLdr is a DLL Payload Loader written in C☆117Jul 17, 2024Updated last year
- Vectored Exception Handling Squared☆29Dec 27, 2025Updated 2 months ago
- ☆44Oct 16, 2023Updated 2 years ago
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆138Jul 23, 2024Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year
- Your syscall factory☆126Jan 13, 2026Updated last month
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- ☆73Feb 12, 2026Updated 2 weeks ago
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- ☆57Apr 19, 2023Updated 2 years ago
- ☆84May 19, 2024Updated last year
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- Add Shadow Credentials to a target object by editing their msDS-KeyCredentialLink attribute☆25Jun 5, 2024Updated last year
- A VSCode devcontainer for development of COFF files with batteries included.☆50Jul 10, 2023Updated 2 years ago
- ☆60Jan 9, 2023Updated 3 years ago
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- Loads a program into a memfd and runs it.☆11May 22, 2022Updated 3 years ago
- ☆17Jan 9, 2025Updated last year
- A tracker DLL which enables 'NTAPI->Syscall' tracking whenever it is loaded. It calls 'NtSetInformationProcess' API call with a callback …☆14Oct 21, 2024Updated last year
- Automated (kinda) deployment of MalRDP infrastructure with Terraform & Ansible☆12Sep 15, 2023Updated 2 years ago
- TokenCert☆102Nov 15, 2024Updated last year