EgeBalci / syscall_api
☆36Updated last year
Related projects: ⓘ
- ☆38Updated this week
- Experimental PoC for unhooking API functions using in-memory patching, without VirtualProtect, for one specific EDR.☆37Updated last year
- miscellaneous codes☆35Updated 11 months ago
- This is my own implementation of the Perun's Fart technique by Sektor7☆64Updated 2 years ago
- A method to execute shellcode using RegisterWaitForInputIdle API.☆50Updated last year
- ☆50Updated this week
- Your NTDLL vaccine from modern direct syscall methods.☆35Updated 2 years ago
- ☆24Updated this week
- ☆27Updated 3 months ago
- Linux Sleep Obfuscation☆87Updated 8 months ago
- Windows x64 Process Injection via Ghostwriting with Dynamic Configuration☆27Updated 2 years ago
- ☆52Updated this week
- BYOVD collection☆19Updated 5 months ago
- Sleep Obfuscation☆39Updated last year
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆31Updated last year
- Bypass UAC elevation on Windows 8 (build 9600) & above.☆53Updated 2 years ago
- ☆37Updated last year
- Bunch of BOF files☆21Updated 7 months ago
- ☆47Updated last year
- Example of using Sleep to create better named pipes.☆41Updated last year
- a short C code POC to gain persistence and evade sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Cal…☆49Updated last year
- freeBokuLoader fork which targets and frees Metsrv's initial reflective DLL package☆33Updated last year
- Beacon Object Files (not Buffer Overflows)☆51Updated last year
- ☆38Updated 11 months ago
- ☆73Updated this week
- the Open Source and Pure C++ Packer for eXecutables☆18Updated last year
- API Hammering with C++20☆34Updated 2 years ago
- Attack chain emulator. Write recipes for initial access easily☆19Updated last year
- A proof-of-concept created for academic/learning purposes, demonstrating both local and remote use of VSTO "Add-In's" maliciously☆23Updated last year