EvilBytecode / NoMoreStealers
NoMoreStealers is a Windows file system minifilter driver that protects sensitive user data from untrusted processes.
☆92 Updated 2 months ago
Alternatives and similar repositories for NoMoreStealers
Users that are interested in NoMoreStealers are comparing it to the libraries listed below
- Comprehensive Windows Syscall Extraction & Analysis Framework ☆160 Updated 4 months ago
- .NET tool used to enrich RPC telemetry ☆100 Updated 6 months ago
- A 64-bit executable junk code engine for polymorphic malware. ☆74 Updated 6 months ago
- Troll TaskManager, and play with it. ☆29 Updated 5 months ago
- A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. ☆74 Updated last year
- ☆106 Updated last year
- ElfDoor-gcc is an LD_PRELOAD that hijacks gcc to inject malicious code into binaries during linking, without touching the source code. ☆131 Updated 8 months ago
- A slightly more fun way to disable Windows Defender ☆50 Updated 8 months ago
- Evade behavioral analysis by executing malicious code within trusted Microsoft call stacks, patchless hooking library IAT/EAT. ☆124 Updated last month
- LibWinHttp is a simplified WinHTTP wrapper designed as a Crystal Palace shared library for implant development. Its primary purpose is to… ☆40 Updated 2 months ago
- A collection of PoCs to do common things in unconventional ways ☆121 Updated 4 months ago
- Bypasses AMSI protection through remote memory patching and parsing technique. ☆54 Updated 7 months ago
- "Service-less" driver loading ☆167 Updated last year
- Remote DLL Injection with Timer-based Shellcode Execution ☆151 Updated 5 months ago
- A powerful Windows command-line tool for analyzing and searching ETW (Event Tracing for Windows) provider permissions from the Windows re… ☆61 Updated 5 months ago
- Malleable shellcode loader written in C and Assembly utilizing direct or indirect syscalls for evading EDR hooks ☆134 Updated last year
- Commandline spoofing on Windows ☆89 Updated last month
- Stealthy x64 thread manipulation library for calling functions inside target processes without creating remote threads or installing hook… ☆58 Updated 3 months ago
- Convert your shellcode into an ASCII string ☆124 Updated 6 months ago
- Gain insights into COM/DCOM implementations that may be vulnerable using an automated approach and make it easy to visualize the data. By… ☆153 Updated last month
- Enumerate active EDRs on the system ☆147 Updated 3 months ago
- UAC Bypass using CMSTP in Rust ☆35 Updated last year
- Prevent in-process process termination by patching exit APIs ☆62 Updated 2 months ago
- Detection of indirect syscall techniques using hardware breakpoints and vectored exception handling. ☆51 Updated 2 months ago
- SetupHijack is a security research tool that exploits race conditions and insecure file handling in Windows applications installer and up… ☆259 Updated 3 months ago
- Obfuscating function calls using Vectored Exception Handlers by redirecting execution through exception-based control flow. Uses byte swa… ☆107 Updated 2 months ago
- Using Chromium-based browsers as a proxy for C2 traffic. ☆134 Updated last month
- Decrypting Yandex browser passwords ☆28 Updated 9 months ago
- A guide to modern exploit development, shellcode, EDR and WAF bypass, and initial Red Team access. ☆23 Updated 2 weeks ago
- Proof-of-concept kernel driver that hijacks the Windows kernel extension table mechanism to preserve process notify callbacks even when a… ☆92 Updated 6 months ago