Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆105Updated 4 months ago
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 3 years ago
• PL-V / Firefox-WebInject
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆42Updated 3 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆41Updated 4 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆67Updated 3 years ago
• kozmer / silentpulse
  single-threaded event driven sleep obfuscation poc for linux
  ☆35Updated 4 months ago
• dobin / DetonatorAgent
  Detonate malware on VMs and get logs & detection status
  ☆59Updated this week
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆124Updated last year
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 3 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆86Updated 3 months ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Updated last year
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆64Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 3 years ago
• codewhitesec / SysmonEnte
  ☆74Updated 3 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 7 months ago
• Bl4ckM1rror / PEAs
  ☆60Updated last year
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆52Updated 5 years ago
• Teach2Breach / Red_Team_Rust
  Collection of Rust repos useful for Red Teamers.
  ☆34Updated 3 years ago
• hackerhouse-opensource / MsSettingsDelegateExecute
  Bypass UAC on Windows 10/11 x64 using ms-settings DelegateExecute registry key.
  ☆79Updated 3 years ago
• knight0x07 / WinRAR-Code-Execution-Vulnerability-CVE-2023-38831
  Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)
  ☆40Updated 2 years ago
• LethalSnake1337 / PE-Loader-exercise
  A simple PE loader.
  ☆27Updated 2 years ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• Pascal-0x90 / sideloadr
  Small Python tool to do DLL Sideloading (and consequently, other DLL attacks).
  ☆58Updated 3 years ago
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago