EvilBytecode / HandleHijackerLinks
HandleHijacker is a low-level Windows utility written in Go that lets you inspect running processes, extract files that processes have open, and optionally close handles to those files, that lets us read a content off a locked file, without terminating the process.
☆40Updated last week
Alternatives and similar repositories for HandleHijacker
Users that are interested in HandleHijacker are comparing it to the libraries listed below
Sorting:
- an Improoved Version of 0xNinjaCyclone´s EarlyCascade Code☆22Updated 10 months ago
- ☆38Updated 9 months ago
- An alternative to the builtin clipboard feature in Cobalt Strike that adds the capability to enable/disable and dump the clipboard histor…☆51Updated this week
- ☆61Updated 2 years ago
- ☆47Updated 2 years ago
- Hunting and injecting RWX 'mockingjay' DLLs in pure nim☆59Updated last year
- Another version of .NET loader provides capabilities of bypassing ETW and AMSI, utilizing VEH for syscalls and loading .NET assemblies☆49Updated 6 months ago
- EvtPsst☆55Updated 2 years ago
- single-threaded event driven sleep obfuscation poc for linux☆37Updated 6 months ago
- ☆59Updated last year
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling.☆51Updated 2 months ago
- Event Tracing for Windows EDR bypass in Rust (usermode)☆37Updated last year
- BOF for C2 framework☆44Updated last year
- Proxy function calls through the thread pool with ease☆31Updated 10 months ago
- A Windows tool that converts LDIF files to BloodHound CE☆24Updated 3 weeks ago
- This project is an EDRSandblast fork, adding some features and custom pieces of code.☆24Updated 2 years ago
- malleable profile generator GUI for Havoc☆55Updated 2 years ago
- Rust implementation, creating a scheduled task programmatically with user logon trigger.☆47Updated 7 months ago
- Windows Access token manipulation tool made in C#☆24Updated 4 months ago
- Unix Process hollowing in rust☆22Updated last year
- Things i do because i saw it on twitter on a weekend☆57Updated 5 months ago
- ☆26Updated 10 months ago
- 「⚙️」Detect which native Windows API's (NtAPI) are being hooked☆39Updated last year
- A C# implementation that disables Windows Firewall bypassing UAC☆16Updated last year
- Creation and removal of Defender path exclusions and exceptions in C#.☆33Updated 2 years ago
- Proxll is a tool designed to simplify the generation of proxy DLLs while addressing common conflicts related to windows.h☆41Updated last year
- Find jmp gadgets for call stack spoofing.☆72Updated 3 months ago
- Example of using Sleep to create better named pipes.☆41Updated 2 years ago
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to…☆40Updated 2 months ago
- .NET profiler DLL loading can be abused to make a legit .NET application load a malicious DLL using environment variables. This exploit i…☆47Updated last year