☆31Jul 26, 2024Updated last year
Alternatives and similar repositories for SyscallTempering
Users that are interested in SyscallTempering are comparing it to the libraries listed below
Sorting:
- OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…☆13Oct 27, 2024Updated last year
- ☆25Apr 28, 2024Updated last year
- Enumerate the Domain for Readable and Writable Shares☆23Nov 14, 2025Updated 4 months ago
- A VSCode plugin to assist with BOF development.☆37Aug 14, 2024Updated last year
- Click Once + App Domain☆67Feb 23, 2026Updated 3 weeks ago
- ☆100Sep 1, 2024Updated last year
- ☆33Jan 23, 2025Updated last year
- ☆108Aug 21, 2024Updated last year
- Impersonate Tokens using only NTAPI functions☆84Apr 4, 2025Updated 11 months ago
- A C# port from Invoke-GhostTask☆120Jan 5, 2024Updated 2 years ago
- ☆42Feb 18, 2025Updated last year
- ApexLdr is a DLL Payload Loader written in C☆117Jul 17, 2024Updated last year
- Lockless BOF☆79May 2, 2025Updated 10 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆63Mar 19, 2024Updated 2 years ago
- Section-based payload obfuscation technique for x64☆64Aug 8, 2024Updated last year
- RunPE adapted for x64 and written in C, does not use RWX☆28May 18, 2024Updated last year
- TokenCert☆102Nov 15, 2024Updated last year
- Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination…☆138Jul 23, 2024Updated last year
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆46Jul 29, 2024Updated last year
- In-memory sleep encryption and heap encryption for Go applications through a shellcode function.☆40Jan 14, 2024Updated 2 years ago
- An example of COM hijacking using a proxy DLL.☆44Aug 17, 2021Updated 4 years ago
- Identify common EDR processes, directories, and services. Simple BOF of Invoke-EDRChecker.☆133Oct 4, 2024Updated last year
- Locate dlls and function addresses without PEB Walk and EAT parsing☆105Nov 7, 2025Updated 4 months ago
- A simple rpc2socks alternative in pure Go.☆31Jul 8, 2024Updated last year
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP☆127Mar 14, 2026Updated last week
- Your NTDLL vaccine from modern direct syscall methods.☆36Apr 5, 2022Updated 3 years ago
- BOF and C++ implementation of the Windows Defender sandboxing technique described by Elastic Security Labs/Gabriel Landau.☆24Jul 5, 2023Updated 2 years ago
- ☆79Aug 5, 2024Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆65Aug 23, 2023Updated 2 years ago
- ☆44Oct 16, 2023Updated 2 years ago
- ☆17Jan 9, 2025Updated last year
- A reimplementation of Cobalt Strike's Beacon Object File (BOF) Loader☆66Mar 6, 2026Updated 2 weeks ago
- ☆81Feb 12, 2026Updated last month
- BadExclusions is a tool to identify folder custom or undocumented exclusions on AV/EDR☆21Feb 8, 2024Updated 2 years ago
- Python C2 with JScript Implant☆15Nov 15, 2023Updated 2 years ago
- ☆126Sep 1, 2024Updated last year
- ☆61Jan 9, 2023Updated 3 years ago
- ☆84May 19, 2024Updated last year