Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆43Updated last year
• itm4n / Pentest-Windows
  Windows internals and exploitation tricks
  ☆110Updated last month
• sec-consult / msiscan
  Scanning tool for identifying local privilege escalation issues in vulnerable MSI installers
  ☆125Updated last year
• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 3 years ago
• DISREL / Conti-Leaked-Playbook-TTPs
  MITRE TTPs derived from Conti's leaked playbooks from XSS.IS
  ☆40Updated 4 years ago
• dis0rder0x00 / CanYouCTheThief
  A C implementation of the Sektor7 "A Thief" Windows privesc technique.
  ☆69Updated 3 years ago
• Bl4ckM1rror / PEAs
  ☆61Updated 2 years ago
• rtfmkiesel / loldrivers-client
  Scan your computer for known vulnerable and known malicious Windows drivers using loldrivers.io
  ☆87Updated last month
• EgeBalci / syscall_api
  ☆38Updated 2 years ago
• codewhitesec / SysmonEnte
  ☆76Updated 3 years ago
• olafhartong / PockETWatcher
  a tiny program to consume from ETW providers for research
  ☆53Updated last year
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆49Updated 3 years ago
• jonny-jhnson / LDAPMon
  ☆45Updated 2 years ago
• HulkOperator / AuthStager
  ☆59Updated last year
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆26Updated 8 months ago
• SolomonSklash / COM-Hijacking
  An example of COM hijacking using a proxy DLL.
  ☆42Updated 4 years ago
• Teach2Breach / Red_Team_Rust
  Collection of Rust repos useful for Red Teamers.
  ☆34Updated 3 years ago
• klezVirus / koppeling-p
  Adaptive DLL hijacking / dynamic export forwarding - EAT preserve
  ☆78Updated last year
• lleon1435 / Kernel_VADInjector
  Windows 10 DLL Injector via Driver utilizing VAD and hiding the loaded driver
  ☆53Updated 2 years ago
• melotic / nanostorm
  An (WIP) EDR Evasion tool for x64 Windows & Linux binaries that utilizes Nanomites, written in Rust.
  ☆20Updated last year
• HullaBrian / COMmander
  .NET tool used to enrich RPC telemetry
  ☆101Updated 6 months ago
• OtterHacker / Hooker
  ☆108Updated last year
• 0xv1n / proc-suspend
  powershell script i wrote that can suspend an arbitrary process (with limits)
  ☆22Updated 2 years ago
• pracsec / AmsiScanner
  A tool for interacting with the Anti-Malware Scan Interface API for pen testing purposes.
  ☆67Updated 2 years ago
• pard0p / LibWinHttp
  LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…
  ☆40Updated 2 months ago
• zimnyaa / LEOPARDSEAL
  A simple Linux in-memory .so loader
  ☆33Updated 2 years ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 3 years ago
• hasherezade / pesieve-go
  Golang bindings for PE-sieve
  ☆42Updated 2 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆23Updated 4 years ago
• naksyn / talks
  Repo containing my public talks
  ☆23Updated 2 years ago