Prevent in-process process termination by patching exit APIs
☆65Nov 9, 2025Updated 4 months ago
Alternatives and similar repositories for ExitPatcher
Users that are interested in ExitPatcher are comparing it to the libraries listed below
Sorting:
- Using call gadgets to break the call stack signature used by Elastic on proxying a module load. Provided as a Crystal Palace shared libra…☆81Nov 6, 2025Updated 4 months ago
- sideloading PoC using onedrive.exe & version.dll☆93Oct 30, 2025Updated 4 months ago
- PhantomDelay is a precise delay function that uses the Windows high resolution performance counter to pause your program for a specified …☆19May 8, 2025Updated 10 months ago
- A portable C# utility for enumerating local and remote windows sessions☆57Jan 1, 2026Updated 2 months ago
- KVC enables unsigned driver loading via DSE bypass (g_CiOptions patch, skci.dll hijack, SeCiCallbacks redirection) and PP/PPL manipulatio…☆181Feb 26, 2026Updated 3 weeks ago
- ☆38Apr 15, 2025Updated 11 months ago
- Cobalt Strike UDC2 implementation that provides an Slack C2 channel☆65Jan 5, 2026Updated 2 months ago
- Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.☆307Mar 13, 2026Updated last week
- CVE-2025-59501 POC code☆25Nov 20, 2025Updated 3 months ago
- A C and Go /proc/pid/maps cloak of invisibilty for shared object files☆21Nov 19, 2025Updated 4 months ago
- Modern security products (CrowdStrike, Bitdefender, SentinelOne, etc.) hook the nLoadImage function inside clr.dll to intercept and scan …☆207Dec 8, 2025Updated 3 months ago
- A Rust template for writing Beacon Object Files (BOFs)☆113Feb 11, 2026Updated last month
- Advanced WinRAR Path Traversal Exploit Tool for CVE-2025-8088☆55Aug 18, 2025Updated 7 months ago
- 7z exploit POC versions prior to 25.01☆33Aug 11, 2025Updated 7 months ago
- A Free Open sourced crypter that builds a output .NET .exe Stub (Updated whenever I feel like it)☆19Oct 18, 2025Updated 5 months ago
- Vectored Exception Handling Squared☆31Dec 27, 2025Updated 2 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆61May 12, 2025Updated 10 months ago
- This project is a deliberately vulnerable environment to learn about LLM-specific risks based on the OWASP Top 10 for LLM Applications.☆52Jan 19, 2026Updated 2 months ago
- a demo module for the kaine agent to execute and inject assembly modules☆41Aug 28, 2024Updated last year
- A PICO for Crystal Palace that implements CLR hosting to execute a .NET assembly in memory.☆129Jan 28, 2026Updated last month
- ☆39Nov 25, 2025Updated 3 months ago
- Obex – Blocking unwanted DLLs in user mode☆282Sep 18, 2025Updated 6 months ago
- Creation and removal of Defender path exclusions and exceptions in C#.☆32Nov 1, 2023Updated 2 years ago
- sigreturn-oriented programming (SROP) based sleep obfuscation poc for Linux☆68Dec 15, 2025Updated 3 months ago
- A unique introduction to native runtime obfuscation.☆75Mar 2, 2025Updated last year
- ☆108Aug 21, 2024Updated last year
- EDR-Redir : a tool used to redirect the EDR's folder to another location.☆224Nov 6, 2025Updated 4 months ago
- Proof of Concept CVE-2025-21420 (Windows Disk Cleanup Tool EoP)☆56Jun 12, 2025Updated 9 months ago
- various methods of making API calls☆19Feb 1, 2025Updated last year
- A nim port of C5pider's Ekko project.☆17Oct 1, 2022Updated 3 years ago
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.☆51Oct 19, 2025Updated 5 months ago
- Windows 11 kernel research framework demonstrating DSE bypass on Windows 11 25H2 through boot-time execution. Loads unsigned drivers by s…☆95Dec 22, 2025Updated 2 months ago
- Collection of BOFs created for red team/adversary engagements. Created to be small and interchangeable, for quick recon or eventing.☆263Mar 11, 2026Updated last week
- Shellcode injection using the Windows Debugging API☆171Jan 4, 2026Updated 2 months ago
- ☆52May 4, 2025Updated 10 months ago
- ☆61Oct 24, 2025Updated 4 months ago
- ☆54Mar 26, 2025Updated 11 months ago
- Playing around with Thread Context Hijacking. Building more evasive primitives to use as alternative for existing process injection techn…☆199Jun 17, 2025Updated 9 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass ETW scanning by redirecting ETW calls to…☆45Jun 1, 2025Updated 9 months ago