Alternatives and similar repositories for SyscallHookDetector:

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆40Updated 7 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated last week
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆37Updated 2 years ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated last year
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated last year
• zimnyaa / LEOPARDSEAL
  A simple Linux in-memory .so loader
  ☆30Updated 2 years ago
• blacklanternsecurity / webcap
  An ultra lightweight web screenshot tool with advanced DOM analysis features.
  ☆23Updated this week
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 3 weeks ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• ChoiSG / GwisinMsi
  PoC MSI payload based on ASEC/AhnLab's blog post
  ☆23Updated 2 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 2 years ago
• FuzzySecurity / Presentations
  A collection of my presentation materials.
  ☆17Updated 11 months ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 9 months ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆46Updated 2 years ago
• DominicBreuker / SliverSamples
  A collection of sample code used in some experiments with Sliver C2
  ☆13Updated 2 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆82Updated last year
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• rbmm / SDD
  Self Delete DLL
  ☆23Updated last year
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆27Updated 2 years ago
• jfjallid / go-lsass
  Tool to aid in dumping LSASS process remotely
  ☆38Updated 8 months ago
• eversinc33 / UnXorStringsNet
  Deobfuscation of XorStringsNet
  ☆14Updated 5 months ago
• jsecurity101 / LDAPMon
  ☆45Updated last year
• paranoidninja / BRC4-Seminar-Stage-I
  These are the slide decks and source code for Brute Ratel Seminar conducted on 24th August 2023. The youtube video for the seminar can be…
  ☆19Updated last year
• xforcered / DayBird
  Extension functionality for the NightHawk operator client
  ☆27Updated last year
• zimnyaa / PhaseDive
  Sleep Obfuscation
  ☆45Updated 2 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆62Updated 3 years ago
• EvilBytecode / Evilbytecode-Gate
  Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…
  ☆20Updated 2 months ago
• RATandC2 / FilelessNtdllReflection
  Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle…
  ☆15Updated 2 years ago