Alternatives and similar repositories for SyscallHookDetector:

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 6 months ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆16Updated last year
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆18Updated last year
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆24Updated 8 months ago
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆26Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 2 years ago
• vysecurity / Nemesis-Download-Watcher
  Watches the Downloads folder for any new files and inserts it into Nemesis for analysis.
  ☆14Updated 10 months ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 3 years ago
• rbmm / ARL
  ☆24Updated last week
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• affix / rusty-hollow
  Unix Process hollowing in rust
  ☆20Updated last month
• EvilBytecode / Ntdll-Unhook
  Unhook Ntdll.dll, Go & C++.
  ☆13Updated 6 months ago
• Offensive-Panda / MalwareAnalysis
  This central repository is crafted for cybersecurity enthusiasts, researchers, and professionals aiming to advance their skills. It offer…
  ☆13Updated 2 months ago
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆26Updated last year
• yamakadi / ldr
  A work in progress BOF/COFF loader in Rust
  ☆46Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• s4dbrd / ETWReader
  Read ETW Provider events. Inspired by ETWExplorer by Pavel Yosifovich
  ☆14Updated 6 months ago
• Scorpion-Security-Labs / OpenHashAPI
  OpenHashAPI provides a secure method of communicating hashes and enables lightweight workflows for security practitioners and enthusiasts…
  ☆14Updated 2 months ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆22Updated 2 years ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆24Updated 2 years ago
• thalpius / Microsoft-Defender-for-Identity-Encrypted-Password
  ☆35Updated 7 months ago
• SaadAhla / APTmulate
  This repository focuses on replicating the behavioral patterns observed in well-documented APT campaigns.
  ☆10Updated last year
• rad9800 / talks
  ☆27Updated last year
• rbmm / Services
  ☆18Updated last week
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated 8 months ago
• DominicBreuker / SliverSamples
  A collection of sample code used in some experiments with Sliver C2
  ☆13Updated last year
• Flangvik / collector
  Utility to analyse, ingest and push out credentials from common data sources during an internal penetration test.
  ☆19Updated 2 years ago
• OOAFA / squeegee
  A collection of tools using OCR to extract potential usernames from RDP screenshots.
  ☆30Updated 9 months ago