D1rkMtr / UnhookingPatch

Related projects: ⓘ

• D1rkMtr / FileLessRemoteShellcode
  ☆138Updated this week
• LloydLabs / shellcode-plain-sight
  Hiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak
  ☆163Updated last year
• naksyn / ProcessStomping
  A variation of ProcessOverwriting to execute shellcode on an executable's section
  ☆147Updated 9 months ago
• NUL0x4C / NoRunPI
  Run Your Payload Without Running Your Payload
  ☆174Updated last year
• D1rkMtr / RecyclePersist
  ☆96Updated this week
• oldboy21 / JayFinder
  Find DLLs with RWX section
  ☆74Updated last year
• reveng007 / CheckHooks-n-load
  ☆107Updated this week
• SaadAhla / ntdlll-unhooking-collection
  different ntdll unhooking techniques : unhooking ntdll from disk, from KnownDlls, from suspended process, from remote server (fileless)
  ☆171Updated last year
• OtterHacker / SetProcessInjection
  ☆142Updated 11 months ago
• MaorSabag / SideLoadingDLL
  Do some DLL SideLoading magic
  ☆72Updated last year
• mansk1es / GhostFart
  ☆132Updated last year
• pwnsauc3 / RWXfinder
  The program uses the Windows API functions to traverse through directories and locate DLL files with RWX section
  ☆95Updated last year
• SpikySabra / Kernel-Cactus
  It's pointy and it hurts!
  ☆120Updated last year
• klezVirus / NimlineWhispers3
  A tool for converting SysWhispers3 syscalls for use with Nim projects
  ☆137Updated 2 years ago
• ghostpepper108 / Evasion
  ☆105Updated last year
• xalicex / Killers
  Exploitation of process killer drivers
  ☆182Updated 11 months ago
• rasta-mouse / PPEnum
  Simple BOF to read the protection level of a process
  ☆101Updated last year
• xalicex / LOLDrivers_finder
  ☆70Updated last year
• reveng007 / AMSI-patches-learned-till-now
  I have documented all of the AMSI patches that I learned till now
  ☆66Updated last year
• OmriBaso / WTSImpersonator
  WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
  ☆114Updated 2 months ago
• nettitude / Tartarus-TpAllocInject
  ☆172Updated 9 months ago
• tijme / amd-ryzen-master-driver-v17-exploit
  Cobalt Strike (CS) Beacon Object File (BOF) for kernel exploitation using AMD's Ryzen Master Driver (version 17).
  ☆131Updated last year
• securifybv / BOFRyptor
  ☆113Updated 11 months ago
• securityandstuff / DllLoadPath
  ☆140Updated this week
• Hagrid29 / RemotePatcher
  Patch AMSI and ETW in remote process via direct syscall
  ☆78Updated 2 years ago
• Wh04m1001 / DiagTrackEoP
  ☆87Updated 2 years ago
• paranoidninja / PIC-Get-Privileges
  Building and Executing Position Independent Shellcode from Object Files in Memory
  ☆154Updated 3 years ago
• tothi / stager_libpeconv
  A basic meterpreter protocol stager using the libpeconv library by hasherezade for reflective loading
  ☆82Updated last year
• D1rkMtr / PatchThatAMSI
  ☆60Updated this week
• decoder-it / RelabelAbuse
  ☆58Updated 3 months ago