A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
☆10Dec 16, 2021Updated 4 years ago
Alternatives and similar repositories for UnhookPoC
Users that are interested in UnhookPoC are comparing it to the libraries listed below
Sorting:
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- study_summary☆10Aug 8, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- Shellcode异或加密工具☆12Mar 23, 2017Updated 8 years ago
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago
- Golang:采用随机deskey和hex进行文件加密,常用于加密shellcode.☆14May 16, 2021Updated 4 years ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 4 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- Small POC for process ghosting☆40Feb 1, 2022Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Caeser Cipher your shellcode!☆21Mar 11, 2022Updated 4 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆45Dec 22, 2021Updated 4 years ago
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.☆62Sep 6, 2021Updated 4 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- 一些进程注入或者Shellcode注入的实例代码,用于练习和熟悉☆19May 29, 2022Updated 3 years ago
- One gate to all syscalls!☆23Mar 12, 2022Updated 4 years ago
- go实现windows计划任务管理,过杀软☆13Aug 26, 2021Updated 4 years ago
- 根据github上的源码改的一些工具。用友nc解密、......☆18Jan 26, 2022Updated 4 years ago
- impersonate trustedinstaller by fiddling with tokens☆17Aug 30, 2021Updated 4 years ago
- Stop Windows Defender programmatically☆15Jan 17, 2022Updated 4 years ago
- Shadowsocks/ShadowsocksR 账号在线监控☆12Nov 25, 2018Updated 7 years ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- UUID based Shellcode loader for your favorite C2☆86Dec 8, 2021Updated 4 years ago
- Little program written in C# to bypass EDR hooks and dump the content of the lsass process☆61Jun 24, 2021Updated 4 years ago
- Rust Weaponization for Red Team Engagements.☆15Oct 9, 2021Updated 4 years ago
- A library to hook functions !☆18Dec 2, 2021Updated 4 years ago
- Executes shellcode from a remote server and aims to evade in-memory scanners☆32Nov 17, 2019Updated 6 years ago
- ☆15Feb 9, 2022Updated 4 years ago
- 在学习Java反序列化漏洞的过程中,用来理解Java RMI程序的执行流程,演示如何攻击Java RMI程序的几个示例。☆11May 6, 2020Updated 5 years ago