Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 3 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆40Updated 4 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆86Updated last week
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆107Updated last month
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆125Updated last year
• nullsection / Discord-DLL-Hijacking
  This is a simple example of DLL hijacking enabling proxy execution.
  ☆66Updated 2 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆68Updated 3 years ago
• termanix / TokenElevation
  Token Elevation to authorized user as SYSTEM or Domain Admins
  ☆25Updated 3 weeks ago
• Bl4ckM1rror / PEAs
  ☆61Updated 2 years ago
• Logisek / CalcOrItDidntHappen
  A curated collection of Living off the Land (LotL) attack demonstrations where trusted binaries go rogue, because if it didn’t launch cal…
  ☆33Updated last month
• persistent-security / hermes-the-messenger
  A PoC for achieving persistence via push notifications on Windows
  ☆48Updated 2 years ago
• RedSiege / What-The-F
  This repo hosts a poc of how to execute F# code within an unmanaged process
  ☆70Updated last year
• anyrun / blog-scripts
  ☆34Updated last year
• deepinstinct / VSTO-POC
  A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously
  ☆31Updated 2 years ago
• MaorSabag / Paruns-Fart
  Just another ntdll unhooking using Parun's Fart technique
  ☆75Updated 2 years ago
• 0xZDH / imgect
  Inject shellcode into a valid BMP/GIF image.
  ☆32Updated 5 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 3 years ago
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 6 months ago
• brosck / APIHookingDetector
  「⚙️」Detect which native Windows API's (NtAPI) are being hooked
  ☆38Updated last year
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆18Updated 7 months ago
• 0xv1n / Havoc-ProfileGenerator
  malleable profile generator GUI for Havoc
  ☆55Updated 2 years ago
• naksyn / talks
  Repo containing my public talks
  ☆23Updated 2 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• jonny-jhnson / LDAPMon
  ☆45Updated 2 years ago
• PL-V / Firefox-WebInject
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆42Updated 3 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago