Alternatives and similar repositories for SyscallHookDetector

Users that are interested in SyscallHookDetector are comparing it to the libraries listed below

• mttaggart / quasar
  quASAR: ASAR manipulation made easy
  ☆38Updated 2 years ago
• D4rthMaulCop / DumpKernel-S1
  A C# port of https://gist.github.com/adamsvoboda/8f29e09d74b73e1dec3f9049c4358e80
  ☆20Updated 2 months ago
• 0xB455 / ActiveSyncBruter
  ☆25Updated 3 months ago
• xforcered / AdvSim.Cryptography
  Simple and sane cryptographic wrapper library.
  ☆27Updated 2 years ago
• Bl4ckM1rror / PEAs
  ☆59Updated last year
• casp3r0x0 / CortexRansomBypass
  Cortex EDR Ransomware protection Bypass
  ☆24Updated 4 months ago
• peiga / DumpThatLSASS
  Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk , plus functions and strings obfuscation
  ☆31Updated 2 years ago
• thefLink / Hunt-Weird-ImageLoads
  Small tool to play with IOCs caused by Imageload events
  ☆42Updated 2 years ago
• nbaertsch / PoolProxy
  Proxy function calls through the thread pool with ease
  ☆28Updated 3 months ago
• GetRektBoy724 / SyscallShuffler
  Your NTDLL vaccine from modern direct syscall methods.
  ☆35Updated 3 years ago
• jfmaes / Emulation-Workshop
  The repository accompanying the Buer Emulation workshop
  ☆24Updated 3 years ago
• dobin / ace-firefist
  Attack chain emulator. Write recipes for initial access easily
  ☆20Updated 4 months ago
• ricardojoserf / NativeNtdllRemap
  Remap ntdll.dll using only NTAPI functions with a suspended process
  ☆21Updated 2 months ago
• netbiosX / GhostLoader
  GhostLoader - AppDomainManager - Injection - 攻壳机动队
  ☆54Updated 5 years ago
• rad9800 / BloatedHammer
  API Hammering with C++20
  ☆46Updated 2 years ago
• ignacioj / WhacAMole
  Live memory analysis detecting malware IOCs in processes, modules, handles, tokens, threads, .NET assemblies, memory address space and en…
  ☆41Updated 9 months ago
• passthehashbrowns / DInvokeProcessHollowing
  ☆29Updated 4 years ago
• atabetnouhaila / API-hashing
  ☆18Updated 8 months ago
• Octoberfest7 / Proxy_Egress_Persistence
  A post-exploitation strategy for persistence and egress from networks utilizing authenticated web proxies
  ☆32Updated 2 years ago
• kapellos / LNKSmuggler
  A Python script for creating `.lnk` (shortcut) files with embedded encoded data and packaging them into ZIP archives.
  ☆50Updated 5 months ago
• cpu0x00 / EternelSuspention
  a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless
  ☆38Updated 11 months ago
• DominicBreuker / SliverSamples
  A collection of sample code used in some experiments with Sliver C2
  ☆13Updated 2 years ago
• vysecurity / PacketParser
  A cap/pcap packet parser to make life easier when performing stealth/passive reconnaissance.
  ☆21Updated 11 months ago
• p4p1 / havoc-store
  A simple website to act as a store for havoc modules and extensions
  ☆27Updated 5 months ago
• scriptchildie / gohellsgate
  Golang Implementation of Hell's gate
  ☆17Updated 2 years ago
• rbmm / ARL
  ☆24Updated 4 months ago
• outflanknl / RedELK-workshop
  Items related to the RedELK workshop given at security conferences
  ☆29Updated last year
• kapellos / VladimiRED
  ☆18Updated 6 months ago
• HulkOperator / AuthStager
  ☆55Updated 8 months ago
• MaorSabag / HollowMask
  Just another Process Injection using Process Hollowing technique.
  ☆17Updated last year