EvilBytecode / GetSyscallStubGoLinks
GetSyscallStubCGo.
☆10Updated last month
Alternatives and similar repositories for GetSyscallStubGo
Users that are interested in GetSyscallStubGo are comparing it to the libraries listed below
Sorting:
- Kill malawarebytes process. Can be ported to any programming language.☆10Updated last month
- Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold.☆21Updated last month
- 💎 | RubyRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Ruby☆10Updated last month
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,…☆12Updated last month
- Unhook Ntdll.dll, Go & C++.☆22Updated last month
- A lightweight tool that injects a custom assembly proxy into a target process to silently bypass AMSI scanning by redirecting AmsiScanBuf…☆39Updated 3 weeks ago
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing…☆21Updated last month
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll.☆31Updated 2 weeks ago
- converts sRDI compatible dlls to shellcode☆29Updated 4 months ago
- Parent Process ID Spoofing, coded in CGo.☆22Updated last month
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python☆45Updated last year
- A C# implementation that disables Windows Firewall bypassing UAC☆15Updated 7 months ago
- Pattern-based AMSI bypass that patches AMSI.dll in memory by modifying comparison values, conditional jumps, and function prologues to ne…☆18Updated 3 weeks ago
- Ntdll Unhooking☆12Updated last month
- a demo module for the kaine agent to execute and inject assembly modules☆38Updated 9 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c…☆24Updated 8 months ago
- A remote process injection using process snapshotting based on https://gitlab.com/ORCA000/snaploader , in rust. It creates a sacrificial …☆49Updated 4 months ago
- How to bypass AMSI (Antimalware Scan Interface) in PowerShell/C++ by dynamically patching the AmsiScanBuffer function.☆17Updated last month
- Load various payload (DLL from memory, Exe, etc...) in a way to evade static analysis of Antivirus. It can fetch data from various method…☆11Updated last month
- C# API for Nidhogg rootkit☆17Updated last year
- Execute dotnet app from unmanaged process☆75Updated 5 months ago
- Ransomware written in go, encrypt - decrypt.☆22Updated last month
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a unprivileged user☆39Updated 9 months ago
- https://github.com/janoglezcampos/c_syscalls with the ASM rewritten by myself for Visual Studio's Compiler.☆31Updated 11 months ago
- dump Chrome cookies remotely with atexec and CDP☆67Updated 9 months ago
- A powerful Windows UI monitoring and DNS exfiltration tool written in Rust, combining advanced UI event capture capabilities with secure …☆16Updated 3 months ago
- NailaoLoader: Hiding Execution Flow via Patching☆21Updated 3 months ago
- Attempting to Hook LSASS APIs to Retrieve Plaintext Credentials☆48Updated 3 weeks ago
- Remap ntdll.dll using only NTAPI functions with a suspended process☆21Updated last month
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes.☆12Updated last month