A more reliable way of resolving syscall numbers in Windows
☆54Feb 12, 2024Updated 2 years ago
Alternatives and similar repositories for Hypnos
Users that are interested in Hypnos are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- BOF for C2 framework☆44Nov 9, 2024Updated last year
- ☆153Oct 2, 2023Updated 2 years ago
- Modify managed functions from unmanaged code☆53Feb 1, 2024Updated 2 years ago
- ☆108Aug 21, 2024Updated last year
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- ☆12Jul 2, 2023Updated 2 years ago
- Shellcode Loader Implementing Indirect Dynamic Syscall , API Hashing, Fileless Shellcode retrieving using Winsock2☆293Jul 15, 2023Updated 2 years ago
- A collection of position independent coding resources☆109Nov 15, 2025Updated 4 months ago
- Execute shellcode files with rundll32☆218Jan 28, 2024Updated 2 years ago
- ☆101Oct 7, 2023Updated 2 years ago
- An improvement and a different approach to Mockingjay Self-Injection.☆35May 21, 2024Updated last year
- An In-memory Embedding of CPython☆31May 24, 2021Updated 4 years ago
- .net config loader☆349Nov 9, 2023Updated 2 years ago
- Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver☆55Oct 19, 2023Updated 2 years ago
- Persistence via Shell Extensions☆64Aug 4, 2023Updated 2 years ago
- A collection of various and sundry code snippets that leverage .NET dynamic tradecraft☆145May 18, 2024Updated last year
- SHELLSILO is a cutting-edge tool that translates C syntax into syscall assembly and its corresponding shellcode. It streamlines the proce…☆154Aug 4, 2025Updated 7 months ago
- Your Windows syscall hooking factory - feat Canterlot's Gate - All accessible over MCP☆127Updated this week
- early cascade injection PoC based on Outflanks blog post☆239Nov 7, 2024Updated last year
- A .NET malware loader, using API-Hashing to evade static analysis☆210May 30, 2023Updated 2 years ago
- simple C# portscanner - written for playing around with Metasploit's Execute-Assembly☆10Jul 1, 2023Updated 2 years ago
- ☆342Nov 10, 2025Updated 4 months ago
- A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.☆317Aug 31, 2023Updated 2 years ago
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- .NET assembly loader with patchless AMSI and ETW bypass☆374Apr 19, 2023Updated 2 years ago
- Abusing mhyprotect to kill AVs / EDRs / XDRs / Protected Processes.☆408Mar 16, 2026Updated last week
- Lateral Movement☆126Nov 14, 2023Updated 2 years ago
- Bunch of BOF files☆40Jun 30, 2025Updated 8 months ago
- Sliver extension performing TCP redirection tasks without performing cross-process injection.☆68Jan 14, 2025Updated last year
- Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…☆306Aug 2, 2023Updated 2 years ago
- .NET Post-Exploitation Utility for Abusing Strong Explicit Certificate Mappings in ADCS☆150Feb 10, 2025Updated last year
- A C# tool to output crackable DPAPI hashes from user MasterKeys☆140Sep 14, 2024Updated last year
- Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird …☆787Jan 26, 2026Updated last month
- Rewrote HellsGate in C# for fun and learning☆86Feb 10, 2022Updated 4 years ago
- MIPS VM to execute payloads without allocating executable memory. Based on a PlayStation 1 (PSX) Emulator.☆126Dec 6, 2024Updated last year
- Sleep obfuscation☆271Dec 13, 2024Updated last year
- Decrypt Veeam database passwords☆221Dec 8, 2025Updated 3 months ago
- ☆125Jun 28, 2023Updated 2 years ago
- Load a dynamic library from memory by modifying the native Windows loader☆285Jun 18, 2025Updated 9 months ago