EvilBytecode / GetSyscallStubGoLinks
GetSyscallStubCGo.
☆10Updated 2 months ago
Alternatives and similar repositories for GetSyscallStubGo
Users that are interested in GetSyscallStubGo are comparing it to the libraries listed below
Sorting:
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated 2 months ago
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆10Updated 2 months ago
- Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.☆21Updated 2 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- Performs a global AMSI bypass by patching amsi.dll in memory.☆12Updated last month
- a demo module for the kaine agent to execute and inject assembly modules☆39Updated 10 months ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆22Updated 2 months ago
- Unhook Ntdll.dll, Go & C++.☆25Updated 2 months ago
- ATL.dll and WmiMgmt.msc UAC Bypass☆13Updated 2 months ago
- ☆27Updated 5 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 9 months ago
- Kill malawarebytes process. Can be ported to any programming language.☆10Updated 2 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆40Updated 11 months ago
- Ntdll Unhooking☆13Updated 2 months ago
- ☆35Updated 6 months ago
- Proxy function calls through the thread pool with ease☆28Updated 4 months ago
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆41Updated 2 months ago
- converts sRDI compatible dlls to shellcode☆29Updated 5 months ago
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆18Updated 2 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆31Updated last year
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 5 months ago
- yet another sleep encryption thing. also used the default github repo name for this one.☆69Updated 2 years ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆53Updated 2 months ago
- early cascade injection PoC based on Outflanks blog post, in rust☆60Updated 8 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆20Updated 4 months ago
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level.☆47Updated last year
- An Aggressor Script that utilizes NtCreateUserProcess to run binaries☆30Updated 5 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆20Updated 2 months ago
- DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly☆60Updated last year
- Simple PoC to locate hooked functions by EDR in ntdll.dll☆38Updated 2 years ago