Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 2 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• 0xB455 / ActiveSyncBruter
  ☆25Updated 3 months ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 8 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 4 months ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 10 months ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 2 months ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated 2 years ago
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated 7 months ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• andreisss / Living-off-the-COM-Type-Coercion-Abuse
  This technique leverages PowerShell's .NET interop layer and COM automation to achieve stealthy command execution by abusing implicit typ…
  ☆39Updated 3 weeks ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated last month
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆38Updated 3 years ago
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆27Updated 2 years ago
• Krypteria / Proxll
  Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
  ☆37Updated 7 months ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆53Updated 5 years ago
• ZSECURE / zDocker-cobaltstrike
  Docker container for running CobaltStrike 4.10
  ☆37Updated 8 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆46Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆47Updated 2 years ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• Teach2Breach / NtCreateUserProcess_rs
  example using NtCreateUserProcess in rust
  ☆19Updated 4 months ago
• Ne0nd0g / go-coff
  Load and execute a common object file format (COFF) in the current process
  ☆29Updated last year
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆39Updated 10 months ago
• mgeeky / CustomXMLPart
  A PoC weaponising CustomXMLPart for hiding malware code inside of Office document structures.
  ☆39Updated 2 years ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆28Updated 3 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago