Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆37Updated 2 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 9 months ago
• rkbennett / icmpsh
  Simple reverse ICMP shell
  ☆14Updated last year
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated last month
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated last month
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 7 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆20Updated 2 years ago
• PL-V / Firefox-WebInject
  Firefox webInjector capable of injecting codes into webpages using a mitmproxy.
  ☆40Updated 2 years ago
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated 6 months ago
• fern89 / runpe-x64
  RunPE adapted for x64 and written in C, does not use RWX
  ☆25Updated 11 months ago
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆21Updated 3 months ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• amroes / FlexSheller
  ☆11Updated 3 months ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated last year
• inb1ts / birdnet-poc
  Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.
  ☆39Updated last year
• kapellos / VladimiRED
  ☆18Updated 4 months ago
• cod3nym / Ghosting-AMSI
  Ghosting-AMSI
  ☆17Updated 2 weeks ago
• mr-r3bot / bof-modules
  BOF for C2 framework
  ☆41Updated 6 months ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• Helixo32 / DetectHooks
  Detect userland hooks placed by AV/EDR
  ☆27Updated last year
• HulkOperator / AuthStager
  ☆55Updated 6 months ago
• 0xB455 / ActiveSyncBruter
  ☆24Updated 2 months ago
• rbmm / Services
  ☆18Updated 4 months ago
• Krypteria / Proxll
  Tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h
  ☆37Updated 7 months ago
• FuzzySecurity / SAFACon-Vienna
  ☆23Updated last year
• iDigitalFlame / XrMT
  e(X)tensiable (Rust) Malware Toolkit: (Soon!) Full Featured Rust C2 Framework with Awesome Features!
  ☆24Updated 8 months ago