EvilBytecode / GetSyscallStubGo
GetSyscallStubCGo.
☆9 Updated 5 months ago
Alternatives and similar repositories for GetSyscallStubGo:
Users that are interested in GetSyscallStubGo are comparing it to the libraries listed below
- (EDR) Dll Unhooking = kernel32.dll, kernelbase.dll, ntdll.dll, user32.dll, apphelp.dll, msvcrt.dll. ☆18 Updated 5 months ago
- Loads NTDLL, parses the PE file, extracts "Zw" functions, retrieves their System Service Numbers (SSNs), and prints each function’s name,… ☆10 Updated 5 months ago
- Measures average CPU cycles for the CPUID instruction to detect if the code is running in a VM by comparing against a threshold. ☆18 Updated 5 months ago
- Parent Process ID Spoofing, coded in CGo. ☆22 Updated 6 months ago
- a demo module for the kaine agent to execute and inject assembly modules ☆38 Updated 4 months ago
- 🗡️ A multi-user malleable C2 framework targeting Windows. Written in C++ and Python ☆42 Updated 10 months ago
- Ransomware written in go, encrypt - decrypt. ☆16 Updated 6 months ago
- Unhook Ntdll.dll, Go & C++. ☆13 Updated 6 months ago
- "D3MPSEC" is a memory dumping tool designed to extract memory dump from Lsass process using various techniques, including direct system c… ☆24 Updated 4 months ago
- Threadless injection via TLS callbacks ☆16 Updated 2 months ago
- Exploiting the KsecDD Windows driver through Server Silos ☆37 Updated 2 months ago
- based on https://gitlab.com/ORCA000/snaploader ☆42 Updated last month
- Malware development in Go, learn today, anti dynamic analysis & Static & sandboxes. ☆11 Updated 6 months ago
- havoc kaine plugin to mitigate PAGE_GUARD protected image headers using JOP gadgets ☆26 Updated 5 months ago
- A firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from an unprivileged user ☆36 Updated 5 months ago
- Windows AppLocker Driver (appid.sys) LPE ☆47 Updated 5 months ago
- C# API for Nidhogg rootkit ☆16 Updated 8 months ago
- A malicious Golang Package ☆11 Updated 6 months ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code. ☆21 Updated last year
- DLL Hijacking and Mock directories technique to bypass Windows UAC security feature and getting high-level privileged reverse shell. Secu… ☆37 Updated 8 months ago
- Windows C++ Implant for Exploration C2 ☆21 Updated this week
- Evilbytecode-Gate resolves Windows System Service Numbers (SSNs) using two methods: analyzing the Guard CF Table in ntdll.dll and parsing… ☆15 Updated last week
- Simple ETW unhook PoC. Overwrites NtTraceEvent opcode to disable ETW at Nt-function level. ☆43 Updated 10 months ago
- A version of NetLoader, Execute Assemblies and Bypass ETW and AMSI using Hardware Breakpoints ☆26 Updated this week
- Simple PoC to locate hooked functions by EDR in ntdll.dll ☆36 Updated last year
- convert compatible dlls to shellcode with sRDI. I don't remember where this came from, so if you recognize the code, let me know and I'll… ☆12 Updated 8 months ago
- Mythic C2 Agent written in x64 PIC C ☆64 Updated 2 weeks ago
- Section-based payload obfuscation technique for x64 ☆59 Updated 5 months ago