Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 3 years ago
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆125Updated last year
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆86Updated 4 months ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆39Updated 4 years ago
• dobin / DetonatorAgent
  Detonate malware on VMs and get logs & detection status
  ☆65Updated last week
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆106Updated last week
• ashemery / REDM
  Reverse Engineering and Debugging Malware
  ☆32Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆74Updated 3 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Updated last year
• OtterHacker / Hooker
  ☆108Updated last year
• Bl4ckM1rror / PEAs
  ☆60Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆67Updated 3 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 3 years ago
• jonny-jhnson / LDAPMon
  ☆45Updated 2 years ago
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆65Updated 2 years ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 7 months ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆53Updated 10 months ago
• elastic / Silhouette
  Keep it secret, keep it safe
  ☆79Updated 9 months ago
• sidaf / moonshine
  ☆70Updated 2 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago
• frank2 / blenny
  A payload delivery system which embeds payloads in an executable's icon file!
  ☆74Updated last year
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆89Updated 10 months ago
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆41Updated 2 years ago
• 0xNinjaCyclone / IATUnhooker
  IAT Unhooking proof-of-concept
  ☆33Updated last year
• antonioCoco / infosec-talks
  ☆48Updated 2 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆22Updated last year
• Cobalt-Strike / ProxyDLLExample
  code for the Proxy DLL example blog post
  ☆62Updated 4 years ago