A small PoC using DInvoke, dynamically mapping a DLL and executing Win32 APIs for process injection.
☆10Dec 16, 2021Updated 4 years ago
Alternatives and similar repositories for UnhookPoC
Users that are interested in UnhookPoC are comparing it to the libraries listed below
Sorting:
- About C# loader that copies a chunk at the time of the shellcode in memory in a suspended process, rather that all at once☆13Jul 14, 2022Updated 3 years ago
- Phantom DLL Hollowing method implemented in modmap☆18Jun 9, 2021Updated 4 years ago
- Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods☆14Sep 30, 2022Updated 3 years ago
- CLIPBRDWNDCLASS process injection technique(BOF) - execute beacon shellcode in callback☆68Sep 15, 2022Updated 3 years ago
- Using fibers to execute shellcode in a local process via csharp☆28Jan 2, 2022Updated 4 years ago
- Like Hell's Gate but more EGG :)☆20Mar 11, 2022Updated 3 years ago
- Load ssp dll golang implementation☆19Jan 18, 2022Updated 4 years ago
- Bypass Windows defender syscall☆18Jul 17, 2021Updated 4 years ago
- This project is created for research into antivirus evasion by unhooking.☆18Sep 2, 2021Updated 4 years ago
- Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.☆18Jan 21, 2022Updated 4 years ago
- Caeser Cipher your shellcode!☆21Mar 11, 2022Updated 3 years ago
- 根据github上的源码改的一些工具。用友nc解密、......☆18Jan 26, 2022Updated 4 years ago
- ☆18Aug 15, 2021Updated 4 years ago
- A library to hook functions !☆18Dec 2, 2021Updated 4 years ago
- MappingInjection via csharp☆40Nov 19, 2021Updated 4 years ago
- Perun's Fart (Slavic God's Luck). Another method for unhooking AV and EDR, this is my C# version.☆117Dec 26, 2021Updated 4 years ago
- Small POC for process ghosting☆40Feb 1, 2022Updated 4 years ago
- A wrapper around Windows, calls explicitly the lowest possible calls☆14Jan 19, 2023Updated 3 years ago
- CSharp Writeups for HackSys Extreme Vulnerable Driver☆45Dec 22, 2021Updated 4 years ago
- Shadowsocks/ShadowsocksR 账号在线监控☆12Nov 25, 2018Updated 7 years ago
- BypassAV无net添加windows用户☆10Jan 7, 2021Updated 5 years ago
- The best way to send emails in Go.☆12Feb 4, 2021Updated 5 years ago
- Cobalt Strike Launcher on macOS☆12Nov 28, 2022Updated 3 years ago
- Shellcode异或加密工具☆12Mar 23, 2017Updated 8 years ago
- Windows Service with the implementation of the Process hollowing technique to run shellcode☆14Jul 20, 2023Updated 2 years ago
- study_summary☆10Aug 8, 2022Updated 3 years ago
- DPX - the Doge Packer for eXecutables☆30Dec 21, 2021Updated 4 years ago
- 自不量力的mimikatz分离计划☆44Nov 28, 2021Updated 4 years ago
- Crossplatform tool for inject shellcode into .exe and .dll binaries (x86 and x64)☆75Dec 22, 2025Updated 2 months ago
- ☆12Feb 28, 2022Updated 4 years ago
- 在学习Java反序列化漏洞的过程中,用来理解Java RMI程序的执行流程,演示如何攻击Java RMI程序的几个示例。☆11May 6, 2020Updated 5 years ago
- 基于wappalyzer指纹库、chromedp框架对网站进行指纹识别☆13Mar 17, 2025Updated 11 months ago
- go实现windows计划任务管理,过杀软☆13Aug 26, 2021Updated 4 years ago
- OwOwning with the Windows API Examples and Code. DEFCON Furs 2020 presentation.☆13Jan 18, 2024Updated 2 years ago
- ☆28Dec 2, 2021Updated 4 years ago
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆58Feb 2, 2026Updated 3 weeks ago
- An attempt to make a LoadLibrary designed for offensive operations, in C# obviously.☆55Mar 3, 2022Updated 3 years ago
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Jan 30, 2025Updated last year
- Halos Gate-based NTAPI Unhooker☆52Apr 21, 2022Updated 3 years ago